PROTECTING YOUR VOTE 


California has signed up a security expert to test whether its 
e-voting machines can withstand a hacker attack. PAGE 6 


David Moschella senses a shift that 
heralds new boom times for IT. PAGE 27 
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Sun Aims for Developer Backin 
With Expanded Open-source Effort 


Attracting IT support may take time, officials acknowledge 


NEWSPAPER 


IT Under 
‘The Gun 


We can leam a lot from IT units that 
operate in emergency conditions 
such as hurricanes and war zones. 


Class begins on PAGE 43. 


VarWeebereslMMerrcebbeceeUdalabectatacetalaeat 
RBXBBIF THARAAKARHERERAUTORAS-DIGIT 49103 


80S76350/CBvee CHZ00545 00} 16653 
SHERT MARION 81 
PROQUEST 

MS 38 

300 N ZEEB RD 

ANN ARBOR MI 48103-1553 











BY PATRICK THIBODEAY 

Sun Microsystems Inc., 

whose software busi- 

ness has long lagged 

behind competitors’, 

last week extended its 

list of open-source offer- 

ings to include all of its 

core software products. 
Analysts said the move, 

which makes its middleware, 

management and Java devel- 

opment tools free to use, is yet 


| another indication that such 


infrastructure software is be- 
coming a commodity. 

The new effort follows Sun’s 
decision last year to offer its 
Solaris operating system as an 
open-source technology. 

Sun officials acknowledged 
that the latest move won’t 








cut software prices 
for most corporate 
users, who will still 
pay current prices for 
service and support. 
For instance, users of 
the company’s Java 
Enterprise System 
middleware stack will 
pay $140 per employee an- 
nually for the entire product 
suite — the same as today’s 


enterprise license price tag. 


Nonetheless, some users 
do expect to benefit from the 
open-source principles. 

Daniel Grim, executive di- 
rector of network and systems 
at the University of Delaware 
in Newark, said that just after 
Sun’s announcement, his de- 
velopers discovered that they 


Users Driven to Third-Party Security 


Major database 
vendors don’t yet 


| meet user needs 


BY ERIC LAI 

Managing a 9TB SQL Server 
2005 database full of confiden- 
tial information such as 
patients’ health claims 
and Social Security 
numbers, Adam Solesby 
knows he can’t affordto 
skimp on security. 

The director of stra- He 
tegic development at 
Franklin, Tenn.-based 
AIM Healthcare Ser- 
vices Inc. has savvy 
database administrators who 


encrypt all data that’s archived 


or traveling through the net- 


A 
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work and who monitor data- 


| base usage with auditing tools 


built in-house. 

Still, Solesby said he has 
recently started to test third- 
party database security tools. 

Why? “We have implement- 
ed poiicies and procedures 
like crazy here,” Solesby 
said. “But databases are 
not hardened. They are 
still on the low end of 
the spectrum in terms of 
security.” 

Solesby isn’t alone. 
Even though their 
licenses cost tens of 
thousands of dollars, 
big commercial da- 
tabases aren’t meeting user 
demand for increased data 

Security, page 16 


didn’t need a software key to 


| enable use of the new release 


of Sun’s Studio 1 tool. 
Typically, the school has to 

wait weeks or even months for 

new product keys. “So that is 


| pretty useful,” said Grim. 


He also said Sun’s ear- 


| lier move to open the Solaris 


Sun, page 61 


CA spin-off woos 
enterprises tired 
of license fees 


BY ERIC LAI 
The new owners of the 
venerable Ingres database 
are pinning their comeback 
hopes on enterprise users 
who are fed up with the 
hefty commercial license 
fees and open-source de- 
velopers who are largely 
unaware of the long- 
declining database. 

Users of Ingres, which 
then-owner Computer As- 
sociates International Inc. 
turned open-source last 
year, say they are heartened 
by what they are hearing 
from Ingres Corp. 

But analysts remain 
skeptical about Ingres’ 
chances of success, and 
even the database’s loyal- 


Ingres, page 16 
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A Shipper Processing 5 Terabytes of Data. 
Running on Microsoft SQL Server 2005. 





in 3 
°o °o 
3° tn 
N a 
i @ | 
o ” 
“ 
a ad 
Oo 
o Vn 


Mediterranean Shipping Company, the world’s second largest containership operator, tracks Win i 
cargo out of 250 ports. Upgrading their database to new SQL Server™ 2005 running on i Ows 


Windows Server™ 2003 delivered 99.999% availability* See how at microsoft.com/bigdata Server Systenr 


aX Saas 
— 


Bia ee ~ 


Pron Rigen nha ae eee cea nares Pr nn wan 7 
he ied ld a ae ea Reena 


ee 


aah Pa 
a 


— a 








Mae) inspired by the human side of data. Digital music-is more than just files. It’s a better mood, her personal 


soundtrack, or enough head-banging rock to keep her on nee Deemer MS) 
drives are the industry choice for MP3 players, and runners alike. From the smallest Microdrive® to the largest 


SAN solution, Data Storage from Hitachi. 


hitachiyourdata.com 


CONTENTS © 





weal fi and Order on the Open-source Range 


inthe Technology section: IT executives like Charlie Brenner of 
idelity Investments say developing applications with open- 
Bt source components can cause legal problems if you don’t give 
seprogrammers specific guidelines, methodologies and tools to 
p them stay within the law. Page 29 
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The state of California plans to 
test Diebold e-voting equip- 
ment by allowing a hacker to try 

to break into the system. 


Lenovo's ThinkPad users have 
encountered an annoying prob- 
lem in updating the hard drives. 


Online shoppers are wary about 
the security of Web-based re- 
tail sites, according to surveys. 


Long-distance backups still 

aren’t happening at enough 
companies, despite recent natural 
disasters, Gartner reports. 


1?) Merrill Lynch sells a mainframe 
Web services tool set to SOA 
Software that processes 1.5 mil- 
lion transactions a day. 


1 AmberPoint and Mindreef un- 
veil tools to help users with 
the cumbersome process of man- 

aging Web services. 


14 IBM expands its lineup of self- 
healing tools in the nascent 
autonomic computing market. 
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tremendous impact on business 
and society. 


4 Mark Willoughby thinks the 
future of storage lies in kick- 

ing the hardware habit — and in 
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highly effective team effort to as- 
sist with relief. 
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Working Through the Pain 

In the Management section: Many IT groups that have 
sent work offshore have been disappointed in the re- 
sults, but some have stuck with it, learned from their 
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with offshore vendors. Page 46 


ONLINE 


WWW.COMPUTERWORLD.COM 


The Power of One 

MOBILE/WIRELESS: Brian Dal Bello and Pat 
Calhoun at Cisco Systems explain the ben- 
efits of having one identity and one mailbox 
for voice and data communications. 


@ QuickLink a7510 


ClO Compensation and 
Shareholder Value 


IT MANAGEMENT: Alinean’s Thomas Pisello 
says companies have yet to align CIO pay 
with performance. @ QuickLink 58123 


Picture-Perfect Package 

MACINTOSH: In what may very well be the 

last of the G4 processor-based PowerBooks, 
Apple has created its best overall laptops yet. 
© QuickLink 27530 


Some Common Sense, Please 
SECURITY: The case of Daniel Cuthbert, who 
was convicted of gaining illegal access to a 
charity Web site, is a prime example of why 
it’s crucial for security professionals to have 


good judgment. @ QuickLink a7520 


Mobile and Wireless Primer 


WEBCAST: Learn about latest developments 
in tools, protocols and standards, and ex- 
plore how new mobile technologies are 
being used in five vertical industries: health 
care, government, manufacturing, utilities 
and financial services. @ QuickLink a5830 


Shark Tank Blog 


Now you can post your own comments on- 
line in response to Shark Tank’s true tales of 
IT life. Have you had a similar experience? 
Do you want to commiserate? Head to www. 


computerworld.com/blogs/sharky and select 


“add new comment.” 


ONLINE DEPARTMENTS 

Breaking News computerworld.com/news 
Newsletter Subscriptions computerworld.com/newsletters 
Knowledge Centers computerworld.com/topics 
The Online Store computerworld.com/store 








AT DEADLINE 


Microsoft Issues 
Alert for IE Bug 


Microsoft Corp. has issued a 
warning that hackers are target- 
ing a critical unpatched bug in 
Internet Explorer. The attackers 
could use the flaw to seize con- 
trol of a user’s system, it said. 
The bug was first disclosed in 
May but was not considered to 
be serious until U.K.-based secu- 
rity firm Computer Terrorism Ltd. 
last week showed how hackers 
could exploit it and possibly take 
over a Windows system. 


Cognos Warns of 
Poor Q3 Results 


Cognos Inc. warned of grim 
financial results in its just-ended 
third quarter. CEO Rob Ashe 
said that sales forecasting and 
execution was poor and that 
the transition to the company’s 
new Cognos 8 software “proved 
challenging.” The Ottawa-based 
company now projects revenue 
of $209 million to $212 million. 
It had previously projected rev- 
enue of $233 million. 


Intel to Build $3.5B 
Chip Plant in Israel 
Intel Corp. is set to begin 
construction of a $3.5 billion 
advanced semiconductor manu- 
facturing facility called Fab 28 in 
Kiryat Gat, Israel. The plant will 
be the seventh Intel facility that 
can produce 300mm silicon wa- 
fers, from which the company’s 
microprocessors are cut. Intel 
currently has five 300mm chip 
plants in the U.S. and a sixth in 
Ireland. The new facility is ex- 
pected to create 2,000 jobs over 
the next several years. 


Novell Wins $39M 
U.K. Contract 


The U.K. National Health Ser- 
vices agency has awarded Novell 
Inc. a $39 million contract to 
supply security, management 
and infrastructure technology. 
The three-year pact calls for the 
agency to use the Novell technol- 
ogy to eventually connect more 
than 100,000 doctors, 380,000 
nurses and 50,000 other health 
care workers. 
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California Plans Hacking 
‘Test of E-voting Systems 


Fla. test found 
Diebold machines 
vulnerable 


BY MARC L. SONGINI 
OOKING TO quell 
fears about potential 
vote tampering with 
electronic voting ma- 
chines, the state of California 
this month plans to hold a 
hacking test of an optical scan 
voting device from Diebold 
Election Systems. 

The initial test was to be 
held last week but was post- 
poned, said Jim March, an in- 
vestigator at Black Box Voting 
Inc., a Renton, Wash.-based 
nonprofit voter advocacy group. 

Plans for the California test 
come amid recurring concerns 
that e-voting gear, including 
optical scan and touch-screen 
voting machines, are vulner- 
able to intrusion or rigging. 

March’s organization prod- 
ded California Secretary of 
State Bruce McPherson’s of- 
fice to test Diebold’s AccuVote 





’s AccuVote machines are 
are facing security scrutiny. 


optical scan equipment for 
possible vulnerabilities after 
a check of the machines in 
Florida revealed problems. 

March said the Leon County, 
Fla., test in May determined 
that a vulnerability in the 
memory card in the Diebold 
optical scan machine could 
allow a hacker to replace code 
and “doctor the results.” 

The California test is ex- 
pected to be carried out by 
Finland-based security expert 
Harri Hursti, who conducted 
the Florida test in conjunction 
with Black Box. It hasn’t been 
determined whether Black Box 
will be involved in the Califor- 
nia trial run. 

A spokeswoman for the Cal- 





ifornia secretary of state said 
the Florida evaluation per- 
suaded McPherson to sponsor 
a security test in his state. She 
said the secretary’s office and 
Hursti are still working on the 
protocols and logistical details 
for the California test. 

The spokeswoman said that 
a machine will be selected for 
the trial at random from an 
undetermined voting precinct 
in the state. 

McKinney, Texas-based 
Diebold contends that its opti- 
cal scan gear is not vulnerable 
to hacking and has agreed to 
work with McPherson on the 
upcoming test. 


Diebold Responds 
A Diebold spokesman called 
the Leon County, Fla., hacking 
test invalid. “We weren’t ever 
aware of it,” he said. Hursti and 
Black Box were given “com- 
plete and unfettered access” to 
the system and the passcode, 
but such access isn’t generally 
available to outsiders, he said. 
The spokesman also noted 





www.computerworld.com 


that security procedures dur- 
ing elections extend beyond 
the safety of the equipment. 

“If I gave you the keys to my 
house and told you when I was 
out, you would have a good 
chance to get in,” the spokes- 
man said. 

On another front, Diebold’s 
status as a provider of e-voting 
equipment in North Carolina 
is in limbo after a judge last 
week denied its request for an 
injunction that would shield 
the company from the state’s 
election transparency laws. 

Diebold had argued that 
the laws requiring e-voting 
machine vendors to place 
all source code and related 
software in escrow can’t be 
followed. 

“We're not trying to evade 
anything,” said Doug Hanna, 
a Raleigh-based attorney rep- 
resenting Diebold. He said 
vendors can’t possibly comply 
with the statute because they 
can’t legally place system 
components from third-party 
vendors in escrow. 

Hanna said other states 
dictate that proprietary source 
code be placed in escrow, but 
not third-party code. He said 
he doesn’t know how the fight 
in North Carolina will affect 
Diebold’s status there.» 





Complaints Prompt Lenovo 


BY MATT HAMBLEN 
Under the heading of laptop 
computer problems, there are 
minor issues and major issues. 
Laptop support engineer Kim 
Kramaric has identified a third 
category: annoying issues. 
Kramaric, a support engi- 
neer at 2KDesign in Copenha- 
gen, said last week that he has 
been trying to fix a problem 
affecting 50 Lenovo (formerly 
IBM) ThinkPad T43 laptops 
for nearly five months. 
Kramaric needs to provide 
two hard disk drives for each 
of his company’s T43 laptops. 
Last June, while attempting to 
add the second drives, which 
are from Hitachi Ltd., he made 
a discovery. After booting 
the machines with the extra 
drives, a “POST 2010” mes- 
sage would appear, preventing 





further steps unless the user 
pressed the Escape key. 
Nothing major, just annoy- 
ing. “That wasn’t very satisfac- 
tory for a premium computer,” 
Kramaric said, referring to the 
T43, which starts at $1,300. 


Not Major, but Widespread 
It turns out that hundreds 
of T43 users worldwide had 
noticed the same problem 
when using drives that Lenovo 
Group Ltd. didn’t support, ac- 
cording to user forums. Since 
the problem was first noticed 
in May, about 100 users have 
posted comments about the 
problem at the Independent 
ThinkPad Open Forum site. 
Last week, Lenovo posted 
a BIOS update that lets the 
T43 start up without requiring 


| users to press the Escape key 





to Update ThinkPad BIOS 


when the POST 2010 warning 
message appears. Users who 
tried out the BIOS posted mes- 
sages at a user forum last week 
saying that the fix requires a 
user to wait 10 seconds and lis- 
ten for a beep before proceed- 
ing. Nonetheless, Kramaric 
said he’s eager to try out the 
fix, since the Hitachi drives 
cost less than half the price of 
Lenovo drives. 

But the experience left Kra- 
maric questioning Lenovo’s 
commitment to support. “Ona 
scale of 1 to 10, their score hits 
rock bottom at 1,” he said. 

A Lenovo spokesman and 
industry analysts said the 
problem is fairly minor and ar- 
gued that the company’s sales 
since the May acquisition of 
IBM’s PC unit show that users 
seem to like Lenovo products. 


“People are upset about [the 
POST 2010 error],” a Lenovo 
spokesman said. “But it’s not a 
hugely overarching issue. 

Richard Shim, an analyst at 
IDC, agreed that this “smaller- 
scale” problem gained promi- 
nence because it affects a main- 
stream laptop that has probably 
been sold to hundreds of 
thousands of users. “It doesn’t 
sound like [the problem] 
would have a material impact 
on Lenovo revenues,” he said. 

In fact, Lenovo has nearly 
reached the market share IBM 
had before it sold the vendor 
its PC division. Lenovo had 
7.7% of global laptop and PC 
sales in the third quarter of 
2005, and IBM’s PC division 
had about 8% of the market 
in the third quarter of 2004, 
Shim said. ? 
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Security Concerns Cloud Online Shopping 


Survey reveals consumer fear over 
data privacy, identity theft and fraud 





BY JAIKUMAR VIJAYAN 
HE BIG increase in 
online sales that is 
expected this holiday 
shopping season 

comes amid what appears to 

be unprecedented consumer 
concern over data privacy, on- 
line fraud and identity theft. 

The results of a new survey 
of 1,005 consumers released 
last week show that although 
78% of U.S. Internet users plan 
to shop online this year, more 
than 69% of those shoppers 
will limit their online purchas- 
ing because of concerns asso- 
ciated with the safety of their 
personal information. 

The survey was conducted 
by Truste, a nonprofit privacy 
organization in San Francisco, 
and market research firm 
Taylor Nelson Sofres PLC in 
New York. More than 40% of 
the respondents said that pri- 
vacy-related concerns would 
deter them from purchasing 
from smaller online retailers. 
About 22% said they won’t be 
purchasing online at all. The 
survey was conducted online 
between Oct. 27 and Nov. 1. 

“There’s definitely a reason 
for both consumers and mer- 
chants to feel more concerned” 
about data security and pri- 
vacy issues compared with 
previous years, said John Pes- 
catore, an analyst at Stamford, 
Conn.-based Gartner Inc. 


Assessing the Risks 


For consumers, the biggest 
risks come from hackers’ in- 
creasing use of keystroke- 
logging and password-acqui- 
sition tools, Pescatore said. 
Such remote access tools let 
cyberthieves capture sensitive 
information, such as credit 
card numbers, from consum- 
ers who are conducting busi- 
ness online, he said. 

A Gartner study conducted 
in March showed that despite 
a higher awareness of phishing 
scams, a large number of con- 
sumers continue to be fooled 








into visiting Web sites that 
download such hacker tools, 
Pescatore added. 

And it’s not only consumers 
who need to be wary about 
the increasing proliferation of 
such tools. Companies whose 
employees use corporate sys- 
tems to buy online should also 
be concerned, said Charles 
King, a product manager at 
Blue Coat Systems Inc., a 
Sunnyvale, Calif.-based secu- 
rity vendor. 

According to King, the en- 
crypted connections between 
employees and the shopping 
sites they go to can often be 
used as a conduit for spyware, 
bot programs, viruses and 








worms. Such encrypted ses- 
sions are often allowed to pass 
through untouched to employ- 
ees’ PCs, raising all sorts of 
security issues, he said. 

“Encrypted communica- 
tions are agnostic. It doesn’t 
tell you if the traffic is good or 
bad,” said Pete Lindstrom, an 
analyst at Spire Security LLC 
in Malvern, Pa. So companies 
need to have controls in place 
— such as proxies to terminate 
Secure Sockets Layer traf- 
fic — to ensure that employees’ 
shopping behavior doesn’t 
pose a security risk, he said. 

The results from the Truste 
survey appear to reinforce 
the findings of other recent 
surveys. 

In a nationwide survey of 
1,009 consumers conducted by 
Forrester Custom Consumer 


Research for the Business 
Software Alliance, one in four 
consumers said they would not 
shop online because of Inter- 
net security concerns. 
Another survey, released on 
Nov. 22 by Sun Microsystems 
Inc., showed that 83% of the 


SOURCE: TRUSTE/TNS 
HOLIDAY ONLINE SHOPPING SURVEY 


2,008 consumers polled think 
they’re most susceptible to 
identity theft during the holi- 
day season. 

But Cathy Hotka, senior vice 
president of technology and 
business development at the 
Retail Industry Leaders As- 
sociation in Washington, said 
much of the concern about on- 
line security is overblown. 

“I don’t believe for a second 
that anybody’s enthusiasm 
has been dampened” because 
of online security concerns, 


| Hotka said. 


“The track record of online 
security is great. We’ve dem- 
onstrated safe e-commerce for 
years, and consumers love it,” 
she said. “If anything, there’s 
concern about phishing and 
the effect that it can have on 
brand.” » 





Users Slow to Back Up Data Off-site 


Hurricanes spur 
move to disk 
backups, but data 


still stored locally 


BY LUCAS MEARIAN 
More companies are making 
disk-to-disk backups for data 
protection in the wake of hur- 
ricanes Katrina and Wilma, 
but there’s one problem: Many 
are keeping that duplicate data 
locally, where it’s still vulner- 
able to the effects of a disaster. 
Last week, Gartner Inc. re- 
leased a survey of 104 North 
American IT managers that 
found that 45% of respondents 
back up or replicate data to 


| another disk, up from just 6% 


who did so in 2004. Yet 70% 
of the respondents who make 
backups said they do so toa 
local device, according to the 
September survey. 
Companies should be send- 
ing their backup data to a 
distant, off-site facility that’s 
owned either by the company 
or a storage service provider so 
that a local catastrophe doesn’t 
wipe out both the original and 





backup copies, said Gartner 
analyst Adam Couture. 

Some users are moving 
in the right direction. Dale 
Caldwell, a systems program- 
mer at Grange Insurance 
Group in Seattle, said that 
until a year ago, his company 
performed nightly batch data 
backups that took 13 hours to 
complete and stored the tapes 
at an Office in another part of 
the city. 

But after 9/11 and a recent 
spate of natural disasters, reg- 
ulators pushed Grange to es- 
tablish disaster recovery plans 
that involve replicating critical 
data to more-distant locations. 

So Caldwell now replicates 
data from a virtual tape library 
(VTL) in Grange’s main data 
center to a center in Spokane, 
Wash., 230 miles away. He said 
he’s using a VTL controller 
from Bus-Tech Inc. in Bur- 
lington, Mass., to store and 
retrieve mainframe tape data 
sets, eliminating most of his 
tape infrastructure. 

“The [off-site replication] 
has been really wonderful. 
There’s a lot of time savings 
to it,” Caldwell said. He said 


the disk-to-disk replication 
knocked two hours off his 


| nightly backups and cut the 


time needed for data restora- 
tions from two hours with 
tape to 45 minutes with disk. 


Online Backups 
Christopher Varner, chief 
technology officer at DDJ 
Capital Management LLC 
in Wellesley, Mass., said he’s 
planning a move away from 
tape backup to an online data 
backup and recovery scheme 
from EVault Inc. in Emeryville, 
Calif., and SunGard Data Sys- 
tems Inc. in Wayne, Pa. 

DDJ Capital plans to install 
a backup storage server on its 
LAN running EVault software 
for regular backups to restore 
deleted files locally. It also 
plans to have a duplicate back- 
up server replicate data over 
the Internet to a SunGard data 
center that also runs EVault. 

“This enhances our disaster 
recovery capabilities and also 
makes backups easier for my 
staff,” Varner said. “No more 
taking tapes home every night 
or dealing with the hassle of 
rotating our tape library in the 


bank safe-deposit box.” 

The local vault will be used 
as necessary to restore deleted 
files, and the off-site backup 
will be used for disaster recov- 
ery, Varner said. 

The Gartner survey also 
showed that IT managers are 
becoming more comfortable 
with using managed storage 
services to copy data off-site. 
Over the past two years, Cou- 
ture said, 30% to 40% of IT 
managers surveyed indicated 
that they would never use a 
third-party service provider. 
But in the most recent survey, 
that number had plummeted 
to 6%. 

Gartner’s poll also showed 
that data security is becom- 
ing a priority for IT managers, 
following numerous highly 
publicized data-loss incidents 
this year. Indeed, 55% of those 
surveyed said they encrypt all 
backup files, and 50% said they 
will review internal policies 
for access to backup data. 

“One of the advantages of 
using a service provider for 
remote backup service is that 
they encrypt everything be- 
fore it’s sent — and, of course, 
nobody is touching a physical 
tape or putting it on the truck,” 
Couture said.» 
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HP’s Top Software 
Executive Resigns 

The top software executive 

at Hewlett-Packard Co. has 
resigned for personal reasons 
and will leave the company on 
Dec. 9. Nora Denzel, senior vice 
president and general manager 
of HP’s Software Global Busi- 
ness Unit, has been at HP since 
2000. Denzel will be replaced 
temporarily by Todd DeLaughter, 
senior vice president and general 
manager of HP’s OpenView Busi- 
ness Unit. 


New Firefox Browser 
Release Finally Ships 
After a host of test releases and 
a false start, a new version of 
the Firefox browser shipped last 
week. Firefox, which was down- 
loaded more than 100 million 
times in October, is an alterna- 
tive to Microsoft Corp.’s Internet 
Explorer. Version 1.5 includes 

a wizard that lets users report 
Web sites that don’t work in the 
Mozilla Foundation’s browser in 
order to help developers ensure 
that sites that support IE also 
work in Firefox. 


HP Buys OpenView 
Partner Trustgenix 
HP has agreed to buy identity 
management software maker 
Trustgenix Inc. for an undis- 
closed sum. HP’s OpenView 
Select Federation product is built 
around software licensed from 
Trustgenix. The product lets 
companies use Web single sign- 
on and cross-domain features to 
integrate with partners’ systems. 
The deal is expected to close 
within 30 days. 


Stratus, NEC Sign 
Development Pact 


Stratus Technologies Inc. and 
NEC Corp. have signed a 10-year 
joint development and technol- 
ogy cross-licensing deal. The 
companies plan to jointly build 
high-availability servers. The 
first server is expected to be 
completed late next year. NEC 
also said it will increase its 
stake in Stratus to 5.4% with a 
$9 million investment. 
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ABBA Music to 
WAN Managers .. . 


. .. ars as new tool helps keep network humming. Next 
month, Streamcore System Inc. in Puteaux, France, 
will move its headquarters to Sunnyvale, Calif., and 
upgrade the software for its StreamGroomer WAN 
acceleration appliances. Key to the upgrade, says 
CEO Eric Jeux, is the new application behavior-based 
acceleration (ABBA) hardware. ABBA (not to be con- 


fused with 
the 1970s 
Scandinavian 
pop sing- 

ing troupe) 
classifies 
application 
traffic across 
a WAN into three behavior 
types — interaction, transac- 
tion or transfer — and applies 
appropriate service levels, 
claims Jeux. For example, in- 
teraction between an end user 
and an application requires 
fast response times and is giv- 
en the necessary bandwidth. 
Streamcore’s appliances can 
handle traffic loads from 
2Mbit to 300Mbit/sec. A typi- 
cal installations starts around 
$30,000, Jeux says. 


Notes expanding 


Web services . . . 

. .. features in next release. IBM 
will be giving Lotus Notes de- 
velopers tools to let the popu- 
lar corporate application con- 
sume a Web service officially. 
Today, you can publish a Web 


The StreamGroomer appliance promises 
to boost WAN performance. 





service in 
Notes for 
other apps to 
consume, but 
not the other 
way around. 
Mark Jor- 
dain, an IBM 
product manager, says some 
app creators have already 
solved that problem, but IBM 
doesn’t officially support their 
work. However, when the 
next release of Notes appears 
late next year or early in 2007, 
IBM’s support will be official. 
Also, expect to see a Linux 
client for Notes in the next 
release. Rob Ingram, another 


| IBM product manager, 


acknowledges that 
customers aren’t yet 
banging down IBM’s 
door for a Linux client, 
but with corporate en- 
gineering departments 
shifting from Unix to 
Linux, the company 
expects to hear the tap- 
tap-tapping soon. 





acl 
your online 
SUC LUT 
eye 


Filter out 
unnecessary data. . . 
... for remote, online backups. 
Matt Medeiros observes that 
Hurricane Katrina should 
have disabused folks of the 
notion that 
storing back- 
ups across 

a campus or 
even across 
town is a good 
idea. Still, 

the CEO of 
Sunnyvale, 
Calif.-based 
SonicWall 
Inc. acknowl- 
edges that people are skepti- 
cal about the efficiencies of 
backing up PC-resident data 
across the Internet. He thinks 
that there will be fewer 
doubters in 2006, when his 
company releases a combina- 
tion of content management 
and online backup technology 
that lets you “filter out data 
that is not mission-critical to 
the company.” 

Not only can you avoid 
backing up end-user MP3 
files, but you can also skip 
saving every copy of a cor- 
porate memo on local drives. 
The SonicWall system, he 
claims, will know that only 
one memo needs to be re- 
tained. What’s more, Me- 
deiros contends, you won’t 
have to churn through every 
file to see what’s important. 
He says it will be done with 
simple scripts that can be 
written to eliminate file 
types, such as MP3s, or to 
ensure that anything labeled 
“confidential” does get saved 
off-site. 


Glide through 


multimedia . . . 

... creations effortlessly 
with a new service. So 
promises Donald Leka, 
CEO of New York- 
based TransMedia 
— if you sign up for his 
Glide Effortless service, 
which stores dozens 

of file formats, such 


argues for 
Mery 
ETL) om 
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HOT TECHNOLOGY TRENDS, NEW PRODUCT 
NEWS AND INDUSTRY BUZZ BY MARK HALL 


as PowerPoint, Word, Quick- 
Time, MP3, Flash and many 
more. With the GlideLink 
tools, you can drag and drop 
such files into a single presen- 
tation that can be streamed to 
the end users or groups you 
specify. 

According to Leka, you can 
protect file access in numer- 
ous ways. For example, you 
can set the number of times 
a person can view a stream 
or download or forward a file, 
and you can revoke access af- 
ter it has been given. The cur- 
rent release is geared toward 
consumers, with 1OOMB of 
online storage offered for free. 

Later this month, a corpo- 
rate version will be unveiled 
that, Leka says, “can provide 
a big company with a terabyte 
of storage.” Today, GlideLink 
works only with Windows, 
but around Christmas, Mac 
users will get a version, and 
in January, even Linux desk- 
top users will have one. 


Americans tops 
in impatience . . . 
... in global poll of help desk 
callers. Dimension Data Hold- 
ings PLC, an IT services and 
integration firm in Johannes- 
burg, South Africa, conducted 
a study of 360 
call centers 
across the 
globe and 
learned that 
people calling 
from the U.S. 
were likely to 
hang up the 
fastest if their 
call wasn’t an- 
swered in a timely manner. 
While callers from the Asia- 
Pacific region were willing 
to endure easy-listening ar- 
rangements of ancient Beatles 
tunes for an average of 72 sec- 
onds before slamming down 
the phone, Americans could 
tolerate that torture for only 
about half that time. Lesson? 
Answer U.S. calls first, or wait 
a bit, knowing they’ll ring off 
before you need to say hello.» 


SECONDS 
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length of time 
Americans 
are willing to 
wait for help 
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NEWS 


‘Tools for Integrating Mainframes, 


Web Services 


SOA Software buys Merrill Lynch's 
transaction-processing software 





BY HEATHER HAVENSTEIN 
ERRILL LYNCH 
& Co. has sold a 
mainframe Web 
services tool 
set that processes 1.5 million 
transactions per day to SOA 
Software Inc., a service-ori- 
ented architecture manage- 
ment and governance vendor. 
SOA Software, which is 
scheduled to announce the 
acquisition this week, has 
rebranded the products and 
plans to market them as tools 
that allow mainframe applica- 
tions to expose and consume 
Web services, according to 
officials at the Santa Monica, 
Calif.-based company. Terms 
of the deal were not disclosed. 
Eric Pulier, SOA Software’s 
chairman and founder, said 





the acquisition will help its 
users solve a vexing problem: 
folding the 35-year-old CICS 
Transaction Server, which pro- 
vides high-volume transaction 
processing for mainframes, 
into an SOA. 

“Getting these CICS main- 
frames to become part of the 
new infrastructure has been 
problematic for us to deliver 
to our customers, [and] some 
of the largest companies in 
world have been struggling 
with this,” Pulier said. “While 
people call it ‘legacy,’ it is very 
much alive and very much the 
bedrock of corporate America.” 

Merrill Lynch began design- 
ing what it called the X4ML 
Mainframe Web services 
platform in 2001; it’s currently 
running the third version of 


Get a 


| the tools, which expose and 

| consume more than 600 Web 
services. SOA Software plans 
to rename the technology 
Service Oriented Legacy Ar- 
chitecture (SOLA) and begin 
selling it this month both as 
a stand-alone product and 
integrated with its other tools. 
Four Merrill Lynch employees 
who developed the tools have 
left the company to join SOA 
Software. 

Andrew Brown, chief tech- 
nology architect at New York- 
based Merrill Lynch, said the 
tools were first used in the 
company’s private client divi- 
sion. They’re now also used 
in its institutional and asset 
management businesses. The 
company, which is one of the 
largest mainframe shops in 
the world, developed the tools 
internally because it couldn't 
find a commercial product 
four years ago that could scale 


IT Managers Seek Help With Web Services 


Emerging tools 
promise to ease 
policy processes 


BY HEATHER HAVENSTEIN 

The spread of Web services 
has forced IT managers to 
seek out new tools to ease the 
cumbersome process of man- 
aging policies like security 
and performance. 

“There are some policies 
that we think are best prac- 
tices that we want to adhere 
to,” said Chris Brown, senior 
IT architect at Charlotte, N.C.- 
based Wachovia Corp. “To 
date, adherence has been done 
manually, by review, [and] has 
been haphazard. We want to 
automate that.” 

A pair of vendors this 
week will be unveiling tools 
that promise to automate the 
process of managing Web 
services. 

AmberPoint Inc. is releasing 





AmberPoint 5.0, a new version 
of its runtime services gover- 
nance tools. And Mindreef Inc. 
is rolling out new services life- 
cycle management tools. 


Security Functions 

The MedicAlert Foundation 
plans to install the new 
AmberPoint tools over the 
next few months to better 
manage the various security 
credentia's — user IDs and 
passwords or digital certifi- 
cates — that its customers use 
to enter new health informa- 
tion into their MedicAlert 
records, according to SOA ar- 
chitect Jorge Mercado. 

“The new version] allows 
you to support any different 
number of security tokens,” 
he said. “Your lowest level of 
Web service only has to un- 
derstand one type of security 
token.” 

The Turlock, Calif.-based 
nonprofit health care infor- 


matics organization is now 
using Version 4.3 of Amber- 
Point’s Web services manage- 
ment tools to monitor the 
performance of Web services 
that process data changes cus- 
tomers make over the Internet, 
Mercado said. 

MedicAlert lets customers 
update via the Internet the 





ew Home 


in its environment, Brown said. 

With a runtime written in 
assembly language and Cobol, 
the platform was developed for 
mainframe programmers to 
use to expose mainframe Web 
services, he added. 

Brown said it took six 
months to persuade executive 
management to part with the 
platform. 

“Executive managers are 
often uncomfortable with di- 
vestment, and often they don’t 
understand the technology 
that well,” Brown said. “Our 
management ended up very 
pleased with the transaction. 
The opportunity on the open 
market was such that [Merrill 
Lynch developers] needed to 
be able to take their idea and 
test it.” 

William Mougayar, an ana- 
lyst at Aberdeen Group Inc., 
said that while several other 
vendors — such as Neon Sys- 


health histories contained on 
MedicAlert USB devices that 
attach to key chains. 

As users update their infor- 
mation, internal Web services 
spread the data to multiple 
systems, including order pro- 
cessing, billing and a medical 
information repository, Mer- 
cado added. 

AmberPoint’s updated tool 
includes policy management 
enhancements that allow com- 


NEW PRODUCTS 


Mindreef Coral 
Titel elstss 


® A policy-tool to allow multiple de 
velopment team members.to codify 
policy and author custom rules 


® Multirole testing capabilities for 
functional and tegression testing 
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AmberPoint 5.0 
Includes: 


® A policy system to eliminate 
random policy definitions 


® Prebuilt agents that give visibility 
into services, transport mecha 
nisms, third-party components and 
middleware 
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The Service Oriented 
Legacy Architecture Tool: 


tems Inc., AttachmateWRQ, 
NetManage Inc. and Webify 
Solutions Inc. — offer tools to 
enable mainframe applications 
to become services, SOLA also 
provides the ability to man- 
age, secure and govern the 
services. » 


panies to address issues such 
as security for large groups of 
services instead of one service 
at a time, said Ed Horst, vice 
president of marketing at the 
Oakland, Calif.-based vendor. 

Mindreef plans to unveil a 
server-based product called 
Mindreef Coral that’s designed 
to act as a hub housing Web 
service data. The hub allows 
development team members 
to cooperatively govern, test 
and support Web services, 
said Frank Grossman, presi- 
dent and founder of the Hollis, 
N.H.-based company. 

Brown, a beta user of Coral, 
said the new tool will allow 
Wachovia to centralize policy 
conformance when building 
and testing Web services. 

The emerging Web services 
governance and management 
tools can be used to help com- 
panies manage Web services 
as they are exposed to broader 
groups of users throughout the 
enterprise, said Ron Schmelz- 
er, an analyst at ZapThink LLC 
in Waltham, Mass. ? 
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Cray Chief Scientist 
To Join Microsoft 

The chief scientist at supercom- 
puter maker Cray Inc. resigned 
his post last week to take an un- 
disclosed job at Microsoft Corp. 
Burton Smith will leave Cray this 
week and is also stepping down 
as a director of the company. 
Smith was one of the founders 
of Tera Computer Co., which 
bought Cray Research from Sili- 
con Graphics Inc. in 2000 and 
renamed itself Cray Inc. 


Symantec Updates 
Compliance Tool 
Symantec Corp. has brought out 
upgrades to the discovery tool 
for its Veritas Enterprise Vault 
e-mail and instant messaging 
archiving software. The new 
Compliance Accelerator Version 
6.0 is designed to help financial 
U.S. Securities and Exchange 
Commission regulations and 
National Association of Securi- 
ties Dealers rules that deal with 
electronic messaging. 


Cisco to Purchase 
Security Service 

Cisco Systems Inc. has agreed to 
buy Cybertrust Inc.’s Intellishield 
Alert Manager information 
service, including intellectual 
property and customer contracts, 
for $14 million in cash. Under the 
terms of the deal, Cisco will buy 
Cybertrust’s Intellishield Alert 
Manager information service, 
which will be rolled into Cisco’s 
MySDN security information 
Web site. The acquisition is 
expected to be completed early 


Several major Japanese elec- 
tronics makers have formed 

a consortium to study and 
coordinate the use of radio 
frequency identification tags for 
distribution-channel inventory 
management purposes. The 
Home Appliance Electronic Tag 
Consortium will work on guide- 
lines that cover the way in which 
RFID tags are used. 
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NEWS 


IBM Launches 


Self-healing ‘Tools 


Expands autonomic 
computing wares 
BY MATT HAMBLEN 
BM TIVOLI unveiled two 
new self-healing soft- 
ware tools last week, as 
well as a major revision 
of its IBM Tivoli Monitoring 
product, which features a new 
graphical interface to create 
programs that automatically 
respond to system problems. 
Autonomic computing is 
gaining a following among in- 
frastructure managers. Victor 
Kellan is CEO of LAN Solu- 
tions Inc., which provides net- 
work management services for 
about 20 companies. He said 
he’s interested in all three IBM 
self-healing products and has 
been successfully using IBM’s 
Autonomic Management En- 
gine (AME) for about a year. 
“T’m absolutely in favor of 
anything to further automate 
processes,” Kellan said. “Our 
position is that this kind of 
software is the only way to 
control networks as they get 
larger. You can’t keep throw- 
ing bodies at the problems.” 
Using AME has helped 
McLean, Va.-based LAN Solu- 
tions keep costs down while 


NEW PRODUCTS 


IBM Tivoli Monitoring 6.1: 
Manages and automatically 
corrects online applications, 
fixing problems across 

eat tise 


for SOA, CAM for WebSphere 
and CAM for Response Time 


Tracking — that predict and fix 





offering round-the-clock net- 
work management, he said. 
Kellan said LAN Solutions 
has found that many custom- 
ers, especially smaller busi- 
nesses, are unfamiliar with 
autonomic software and tend 
to believe “you've got to have a 
person doing the monitoring.” 
Autonomic and self-heal- 
ing management software 
products comprise an emerg- 
ing niche in the $14 billion 
network and systems man- 
agement global market, and 
sales of such products haven't 
been measured separately, 





said Stephen Elliot, an analyst 
at IDC. He said IBM Tivoli 
primarily competes with Com- 
puter Associates International 
Inc., BMC Software Inc. and 
Hewlett-Packard Co. 

IBM said its new Tivoli 
Monitoring 6.1 oversees and 
fixes IT service-related prob- 
lems in servers or databases 
for online applications such as 
e-mail. 

“We have new capability to 
encode known [problems] in 
systems so if they are encoun- 
tered, you can tell the system 
what action to take,” said Ric 
Telford, vice president of auto- 
nomic computing at IBM. 

The two new products are 
IBM Tivoli Composite Ap- 
plication Manager (CAM) and 
Tivoli System Automation for 
Multiplatforms, Telford said. 


www.computerworld.com 


; System Automation can be 


used to spot failures on servers 
or operating systems that sup- 
port complex applications and, 
using predetermined instruc- 
tions, automatically return 
them to service. System auto- 
mation capabilities have been 
available from IBM for main- 
frame users before, but they’re 
now available for distributed 
systems with Linux, AIX and 
Windows, he said. CAM can be 
used to predict and fix bottle- 
necks that occur in different 
systems connected under a 
service-oriented architecture. 
Tivoli Monitoring 6.1 starts 
at $700 per processor, the 
three versions of CAM start 
at $5,000 per processor, and 
System Automation starts at 
$1,100 per processor. All are 
available now. ® 





Quantum Adds Security to Storage Line 


BY LUCAS MEARIAN 
Quantum Corp. today will an- 
nounce various security fea- 
tures for its tape and disk stor- 
age products — some available 
now and others planned for 
next year — to help IT manag- 
ers do a better job of protect- 
ing stored data from unauthor- 
ized access and disclosures. 

The San Jose-based vendor’s 
technology road map calls 
for data encryption from the 
individual drive level all the 
way up to the array and library 
system. Quantum said it plans 
to unveil in the second half of 
next year native data-encryp- 
tion capabilities through firm- 
ware embedded on silicon in 
the tape drive and on a special 
router on its tape libraries. 

For starters, Quantum will 
announce a partnership with 
Decru Inc. in Redwood City, 
Calif., that will allow Quan- 
tum to resell Decru’s Data- 
Fort encryption appliance to 
encrypt data being backed up 
on Quantum’s tape and disk 
systems. Quantum will also 
offer physical locks on its tape 
libraries and disk drive arrays 
to prevent insider theft. 

Moreover, the vendor plans 
to release DLTSage Tape Secu- 
rity, software that creates an 
electronic authentication key 
that gets embedded on a tape 





cartridge and restricts access 
to the data on that cartridge 
to authorized users. Jim Jonez, 
director of product marketing 
at Quantum, said DLTSage 
Tape Security is a free firm- 
ware upgrade 
that’s available 
now on the 
new DLT-V4 
drive and will 
be standard on 
the upcoming 
release of the DLT-S4 drive, 
which will be available next 
quarter. 

In mid-2006, Quantum will 
add an audit-trail feature to its 
DLTSage software so admin- 
istrators can identify who has 
accessed backup systems. 


Waiting for Users 
Quantum’s technology will 
appeal to any IT manager 
concerned about digital tapes 
falling off delivery trucks, said 
Jon Oltsik, an analyst at Enter- 
prise Strategy Group Inc. in 
Milford, Mass. 

But many companies 
haven't invested in storage 
security. In a recent survey 
of IT managers at more than 
300 companies by Framing- 
ham, Mass.-based GlassHouse 
Technologies Inc., 54% of the 
respondents said they have no 
documented procedures for 


Quantum has attached locks to 
either side of this disk array. 





protecting stored data, 85% 
said they don’t encrypt their 
backup data, and 70% rated 
their data storage security as 
only fair or poor. 

Bill Dedi, senior systems 
administrator 
at Tellabs Inc., a 
$1.2 billion net- 
work systems 
manufacturer in 
Naperville, Iil., 
said storage se- 
curity is a priority in his mind, 
but business executives haven’t 
provided any funding for such 
technologies yet. “Security- 
wise, we don’t have much in 
place,” he said. 

Dedi’s IT group supports 
200 Windows-based servers 
that are backed up to a vir- 
tual tape library, which then 
archives the data to a Quan- 
tum PX720 tape library using 
DLT320 tape drives. Dedi said 
he normally backs up about 
14TB of data weekly. 

While he may not be ready 
to upgrade to Quantum’s up- 
coming encryption technology, 
Dedi said he does plan to use 
the DLTSage Tape Security 
upgrade. He said that, cur- 
rently, there’s a vulnerability 
because any drive can read 
any tape, but with the elec- 
tronic key, “you're not going to 
be able to do that.” » 





Innovations by InterSystems 


Rapid development with robust objects Lightning speed with a multidimensional engine 


Easy database administration Massive scalability on minimal hardware 


One Of Our Database Innovations: 
A Money-Back Guarantee. 


Caché is the first multidimensional database for transaction processing and real-time analytics. Its 
post-relational technology combines robust objects and robust SQL, thus eliminating object-relational 
mapping. It delivers massive scalability on minimal hardware, requires little administration, and 
incorporates a rapid application development environment. 

These innovations mean faster time-to-market, lower cost of operations, and higher application 
performance. We back these claims with this money-back guarantee: Buy Caché for new application 
development, and for up to one year you can return the license for a full refund if you are unhappy, for any 
reason.* Caché is available for Unix, Linux, Windows, Mac OS X, and OpenVMS - and it's deployed 
on more than 100,000 systems ranging from two to over 50,000 users. We are InterSystems, a global 
software company with a track record of innovation for more than 25 years. 


InterSystems » 


CAGE 


Try an innovative database for free: Download a fully functional, non- “me copy of Caché, or request it on CD, at www.InterSystems.com/Cache9A 


© 2005 InterSystems Corporat 
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Security 


security and privacy, analysts 
said. 

While database vendors are 
beefing up security in their 
products, “companies should 
look to third-party vendors 
to supplement additional re- 
quirements that are not yet 
met by DBMS vendors, such as 


database firewalls, assessment, 


simplified encryption and 
granular auditing solutions,” 
Forrester Research Inc. ana- 
lyst Noel Yuhanna wrote in a 
Nov. 29 report. 

Other observers said users 
have focused on guarding the 
entry points to their networks 
when they should be worrying 
about internal threats posed 
by unscrupulous employees 
with high-level access. 

“At Fort Knox, the fuss isn’t 
about who’s guarding the brick 
wall — it’s who’s watching the 
gold,” said Raj Sablach, senior 
vice president of operations 
at Embarcadero Technologies 
Inc. The San Francisco-based 





vendor offers a real-time data- 
base activity monitor that Sa- 

blach said is easier to use than 
built-in tools and doesn’t slow 
the database. 

Other vendors of database 
security tools include Lumi- 
gent Technologies Inc., IP- 
Locks Inc., Guardium Inc. and 
Protegrity Corp. 


Built-in Functions 
Users and analysts agree that 
the latest commercial data- 
bases are much more secure 
out of the box than their pre- 
decessors. 

For example, Microsoft 
Corp. now acknowledges 
that its SQL Server 2000 was 
installed with many security 
features turned off by default. 
Ease of use was the reason, but 
it led to one notorious hole in 
which Windows systems ad- 
ministrator accounts were also 
automatically given adminis- 
trator accounts on SQL Server, 
said Jon Hwang, senior data- 
base administrator at Open- 
Table Inc. in San Francisco. 

“It’s better if vendors as- 
sume you might have a very 


__NEWS 


junior crew of DBAs and pre- 
vent a lot of these loopholes 
upfront,” said Hwang, who 
runs SQL Server 2000 to sup- 
port OpenTable’s Web-based 
restaurant reservations sys- 
tem. He’s testing the 2005 ver- 
sion, which he says provides 
a “dramatic” improvement in 
security. 

Tom Rizzo, Microsoft’s prod- 
uct manager for SQL Server, 
said that besides new features 
such as encryption of data “at 
rest” within the database, SQL 
Server’s configuration tool 
turns off some features, such 
as support for native Web ser- 
vices, to keep inexperienced 
database administrators from 
inadvertently creating security 
holes. SQL Server 2005 even 
challenges administrators who 
try to create accounts without 
passwords by scolding them 
in pop-up messages, though 
it stops short of blocking the 
practice. 

“We think that’s like driving 
at 120 miles an hour without 
seat belts,” Rizzo said. 

But, he added, “we have to 
make SQL Server flexible as 





Database 


Security Trends 
For 2006 


well as secure.” 

Rizzo also welcomed third- 
party providers of database 
security tools. “We are not 
threatened,” he said. “We live 
and die by our partners.” 

Oracle Corp., in contrast, 
suggested that features built 
into its July release of Oracle 
10g R2 — such as identity 


www.computerworld.com 


management, encryption and 
security hole scanning — 
should be enough for users. 

“We already do what most 
of these third-party tools do 
today,” said Paul Needham, 
director of database security 
at Oracle. 

That’s debatable, said Peter 
O’Kelly, an analyst at Midvale, 
Utah-based Burton Group. But 
the trend of database vendors 
adding security features will 
only grow. That could crowd 
out third-party vendors, which 
will have to stay ahead of 
the big vendors in terms of 
features or be content to sell 
to users of older, less-secure 
versions of databases or to 
those who run databases from 
multiple vendors and are seek- 
ing convenient, centralized 
reports, O’Kelly said. 

Whether all of this leads to 
truly increased data security 
depends on database admin- 
istrators following best prac- 
tices using either built-in or 
third-party tools. 

“You can’t expect magic,” 
O'Kelly said. “You still have to 
read the manual.” » 





Continued from page 1 
Ingres 


ists said it’s a bit like déja vu, 
having listened to similar rhet- 
oric when Ingres was acquired 
by CA in 1994. 

“On the face of it, the an- 
nouncement looks good,” said 
Andy Park, information ser- 
vices project manager at the 
Pesticides Safety Directorate 
of the U.K. government, which 
has used Ingres since 1992. 
Park called it “rock solid” and 
less problematic than other 
databases he manages, such as 
SQL Server and MySQL. 

“But what will happen in 
two to three years’ time? Will 
the owners decide to sell the 
product and take their money 
elsewhere? It is a big oppor- 
tunity for Ingres but a risk for 
existing users,” he said. 

Chairman and Interim CEO 
Terry Garnett, an enterprise 
software executive turned ven- 
ture capitalist, on Nov. 7 final- 
ized his takeover of the Ingres 
product line from CA. CA will 





Ingres Corp. 
Majority-owned by venture 
capital firm Garnett & Hel- 
frich; CA retains a 20% stake. 


New owners plan to double the 
100-employee head count. 
Has 8,000 to 10,000 users, 
many outside the U.S. 

Latest open-source version, 
Ingres R3, is free; company 
charges $2,000 per proc- 
essor per year for support. 


retain 20% of the Redwood 
City, Calif.-based firm. 

Ingres’ business strategy 
will be to woo users with its 
comparatively cheap $2,000- 
per-CPU annual support fee 
and target users that are add- 
ing databases, rather than 
tackling the more difficult task 
of convincing them to migrate 
their existing ones, said Chief 
Technology Officer Dave 
Dargo, who, like Garnett, is an 
Oracle Corp. veteran. 

“T am a lot happier about 





their plans for the product and 
how this will benefit us cur- 
rent users, not only in terms of 
raising the profile of Ingres but 
also increased investment into 
the technology,” said David 
Postle, chairman of the U.K. 
Ingres Users Association. 

According to Curt Monash, 
a consultant in Acton, Mass., 
and a Computerworld colum- 
nist, Ingres’ technical features 
fall somewhere between those 
of the big commercial databas- 
es and the leading open-source 
ones. In his blog, DBMS2.com, 
Monash wrote that Ingres R3 

“definitely seems to lag in data 
warehousing,” but it is compa- 
rable with Oracle’s previous 
version, 9i, in terms of online 
transaction-processing fea- 
tures and is “certainly ahead 
of MySQL 5.0.” 

Vendor revenues from open- 
source databases are expected 
to rise from $250 million this 
year to $1 billion in 2008, ac- 
cording to Forrester Research 
Inc. But Ingres must convince 
open-source developers to 
adopt and evangelize for 





Ingres at a time when more 
buzzworthy alternatives such 
as MySQL or Postgres exist. 

Attracting a strong devel- 
oper following failed to hap- 
pen under CA. For example, 
last year, the company offered 
$1 million in prizes to open- 
source developers who created 
migration tools from other 
databases to Ingres, but it was 
only able to give away half of 
the prize money. 

That doesn’t surprise Mark 
Brewer, CEO of Walnut Creek, 
Calif.-based Covalent Tech- 
nologies Inc. 

“Even though Ingres is as 
rich functionality wise as 
Oracle, software developers 
in college don’t think Ingres is 
sexy,” said Brewer. “The only 
community Ingres has is its 
existing user base.” 

That community is much 
smaller today than it was in 
previous years, with only 8,000 
to 10,000 users worldwide, ac- 
cording to Ingres. The North 
American Ingres Users Associa- 
tion has been largely inactive 
for several years, said sources. 





But one Ingres user conference 
last year drew about 150 attend- 
ees, according to Nick Vancas, 
president of Ingres support 
provider Database Management 
Technology Inc., which co- 
sponsored the event with CA. 

According to Park, “CA 
never managed to capture 
the imagination of the open- 
source community. We run 
both Ingres and MySQL 
internally, and Ingres is so 
far advanced in ease of use, 
performance and robustness. 
But when people think of open- 
source databases, they do not 
think Ingres. In my opinion, 
this is the battle that matters.” 

And it’s one they are likely 
to lose, said Peter O’Kelly, an 
analyst at Midvale, Utah-based 
Burton Group. He said Ingres 
will have a hard time “stand- 
ing out,” with open-source 
databases on one side and free 
versions of Oracle and SQL 
Server on the other. 

“J don’t know why Ingres 
thinks they have a lot of run- 
ning room in front of them,” 
he said.» 
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The best'view in the city, the country, the world. 


At one time, DHL had a data ‘center in every country in Which 
it,operated. The result was a massive collection of small IT 
networks—without a mission control. With the help of HP 
Services and HP OpenView software, hundreds of data centers 
became three. By consolidating, DHL is now better able to share 
information, implement IT changes globally and “see” their 
entire network from a single point of control. Now, changé never 


goes. unnoticed. For more on HP’s ‘Consolidation Solutions, visit 
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SUSE™ LINUX 


Enterprise Server 


Define Your Open Enterprise. 


What does Open mean to you? Community? Security? Risk? 
Reward? Can it leverage legacy systems? Consolidate and 
simplify? Do you believe in its power and potential? 
Introducing Novelle software for the open enterprise — 
the only software that makes Open work for you. From 
desktop and data center to identity management, resource 
management and collaboration, our flexible combination of 


open source and commercial software delivers more than 


Novell 


This is your open enterprise.” 
www.novell.com/defineyouropen 


joupWise are registered trademarks; SUSE 
re trademarks of Novell, ir " 
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connect 
allocate 


spread out 


Open Enterprise Server 


open up 
© systems 


open 


exposed centralized 
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Novell 
° Linux Desktop 


scalability 


freedom 


functionality 


flexibility 


integrate 


you ever imagined. The power to automate IT asset 
management. Freedom from single vendor lock-in. Security 
that keeps the right information safe and the right people 
informed. And the ability to connect people to performance 
and business to possibilities. So you can build an open 
enterprise that makes sense for you—and your future. 
This is Novell software for the open enterprise. The 


Open you've wanted ali along 
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Court Puts T-Online 
Acquisition on Hold 


BONN, GERMANY 
GERMAN COuRT last week dealt 
Jeers Telekom AG a setback 
in its effort to reacquire the piece 
of T-Online international AG that it 
doesn’t already own. 

The Darmstadt District Court re- 
jected the Bonn-based firm’s purchase 
of the remaining 26% of T-Online 
until pending shareholder lawsuits are 
cleared. 

Darmstadt-based T-Online was spun 
out of Deutsche Telekom in 1996 under 
its former Online Pro Dienste moniker. 
Deutsche Telekom remained the major 
shareholder of the firm, which changed 
its name to T-Online in 2000. 

Just over a year ago, Deutsche 
Telekom mounted an effort to buy the 
remaining stake in T-Online for €3 bil- 
lion ($3.5 billion U.S.). A 
group of minority share- 
holders contested the 
move, filing more than 25 
lawsuits earlier this year. 

If the merger is com- 
pleted, T-Online will 
remain a separate orga- 
nization responsible for 
developing IP services 
and applications. Last 
month, Deutsche Telekom 
Chief Financial Officer 
Karl-Gerhard Eick said he 
expects to complete the 
acquisition in early 2006. 

@ JOHN BLAU, IDG NEWS SERVICE 


Fujitsu Execs Lose Pay 
Over Exchange Failure 


TOKYO 
OP MANAGERS at Fujitsu Ltd. will 
T see their pay cut as punishment 
for a major computer failure at 
the Tokyo Stock Exchange that delayed 
trading on Nov. 1. 

Fujitsu was blamed by the exchange 
for problems that delayed the start of 
trading for about four and a half hours 
that day. 

The pay of President Hiroaki Kuro- 
kawa will be cut in half for six months 
while the salary of two vice presidents, 
Michiyoshi Mazuka and Koichi Hi- 
ronishi, will be cut by a quarter for the 
same period, the company said. 

The computer glitch was traced back 


NEWS | 
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| to the incorrect patching of a file in 
mid-October during an upgrade to the 
trading system. A bug was found in 

an existing program, but Tokyo-based 
Fujitsu provided incorrect instructions 
| on how to patch it, according to the 
exchange. 

The punishments dished out by 
Fujitsu closely mirror those imposed 
earlier on senior executives at the stock 
exchange. 
| M MARTYN WILLIAMS, IDG NEWS SERVICE 


Consortium to Build 
s s 

$3B Indian Chip Plant 
BANGALORE, INDIA 

CONSORTIUM OF investors is 
Appin to raise up to $3 billion 

to build a semiconductor fabrica- 
tion plant in India in collaboration with 
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the Indian government and Advanced 
Micro Devices Inc. 

The consortium, called 
SemIndia Inc., hopes to 
tap into a growing Indian 
demand for semiconduc- 
tors, which officials said 
could be worth up to 
$15 billion for logic chips 
alone in 10 years. The 
group last week said it has 
yet to decide on a location 
for the plant. 

SemIndia officials also 
declined to identify its in- 
vestors, but sources have 
indicated that they will include private 
investors, the Indian government and 
possibly Sunnyvale, Calif.-based AMD. 

SemIndia also said last week that 
it has signed an agreement to license 
AMD’s process technology for use in 
the plant. The agreement also calls for 
AMD and SemIndia to jointly develop 
and market semiconductor products 
for India. 

The new plant will make micro- 
processors for PCs and logic chips for 
mobile phones, set-top boxes and other 
devices. 

@ JOHN RIBEIRO, IDG NEWS SERVICE 


Samsung May Face 





Probe for Apple Deal 


SEOUL 
OUTH KOREA'S Fair Trade Com- 
mission is reviewing whether 


to launch an investigation into 





| Samsung Electronics Co. following 


press reports that it sold NAND flash 
memory chips to Apple Computer Inc. 


| at below-market prices. 


A commission official said he ex- 
pects a decision on whether to investi- 
gate the matter to come early next year. 

Yi Seuk-joon, who heads the Com- 


| petition Policy Division of the com- 


mission, said there have been no 
complaints yet from competitors. The 
review was prompted by reports in the 


| local South Korean press that alleged 


unfair pricing of chips, which could 
hurt smaller rivals. 

Yi said that it was too early to dis- 
cuss possible penalties facing Samsung. 

A Samsung spokesman said that the 
company is cooperating with authori- 
ties but would not comment further. 

Samsung began supplying NAND 
flash memory chips to Cupertino, 
Calif.-based Apple in the third quarter. 
The chips are used in some of Apple’s 
iPod music players, such as the Nano 
and Shuffle, which store data on flash 
memory. 


Dutch Firm Launches 
Net Address System 


AMSTERDAM 

DUTCH COMPANY has launched a 
A: Internet addressing service 

that does away with common 
top-level domains (TLD), such as .com 
and .edu, and allows Internet addresses 
to end with the name of a business or 
virtually any other word. 

Amsterdam-based UnifiecdRoot 
S&M BV said it has set up 13 master 
root servers around the world to run its 
Domain Name System, which will run 

“in parallel” with the principal Internet 
DNS run by the Internet Corporation 
for Assigned Names and Numbers. 

UnifiedRoot said it doesn’t plan to 
register domains that are already reg- 
istered by Marina Del Rey, Calif.-based 
ICANN. 

The effort requires cooperation from 
Internet service providers, which must 
update DNS server directories in order 
for them to include UnifiedRoot’s DNS 
servers. Without that service provider 
help, end users would have to recon- 
figure individual PCs to recognize the 
UnifiedRoot TLDs. 

UnifiedRoot won't register TLDs 
that infringe on another company’s 
intellectual property, such as a trade- 
mark, it said. Amsterdam-based TMF 
Group will oversee the effort’s registra- 
tions and financial management. 

@ JAMES NICCOLAI, IDG NEWS SERVICE 
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Briefly Noted 


China.com Inc. has promoted Albert 
Lam to CEO, replacing Rudy Chan, 
who is leaving the company. Lam 
had been China.com’s president and 
chief operating officer and was CEO 
of its Newpalm (China) Information 
Technology Co. unit. China.com, a 
subsidiary of CDC Corp., sells mul- 
timedia message services and wire- 
less application protocol products. 


m SUMNER LEMON, 
IDG NEWS SERVICE 


Achievo Corp. in Dublin Calif., has 
agreed to acquire Chinese out- 
sourcing provider Jeyo Computer 
Technology Ltd. for an undisclosed 
sum. Achievo, also an outsourcing 
service provider, said the purchase 
of Guangzhou-based Jeyo will help 
expand its technical resources in 
China, where it already has opera- 
tions in Beijing, Shanghai, Dalian 
and Shenzhen. 


Two former presidents of Sanyo 
Electric Co., Sadao Kondo and 
Yukinori Kuwano, have resigned 
from the Osaka, Japan-based 
company’s board of directors. 
Sanyo has been restructuring in 
the wake of widening losses. Its 
plans call for cutting Sanyo’s 
workforce by 15%, or 14,400 
workers, over the next three years. 


ANZ Banking Group Ltd. in Sydney, 
Australia, has confirmed plans to 
increase its offshore workforce in 
india from 650 to 1,000 over the 
next 18 months. ANZ said the bank 
plans to shift an undetermined 
number of IT back-office positions 
to the Bangalore operation as part 
of the move. 


@ SANDRA ROSSI, 
COMPUTERWORLD AUSTRALIA 
Elitegroup Computer Systems Co., 
a Taipei, Taiwan-based contract 
electronics manufacturer, has 
completed the purchase of Tatung 
Co.'s desktop computer division. 
Elitegroup said the NT$6.7 billion 
($200 million U.S.) acquisition will 
increase its manufacturing capac- 
ity of notebook and desktop PCs for 
resellers such as Hewlett-Packard 
Co. Tatung is also based in Taipei. 


mw DAN NYSTEDT, 
IDG NEWS SERVICE 


Page compiled by Mike Bucken. 
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(Can you at least show a hint of panic?) 


When you need to upgrade your network security, it’s nice to know you can count on CDW. Our account managers and 
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Cerf Explains Google's 
Plan for the Enterprise 


Says new information-based tools 
can help users control corporate data 





BY JUAN CARLOS PEREZ 
NTERNET PIONEER Vinton 
Cerf, Google Inc.’s chief 
Internet evangelist, is in 
the midst of an effort to 

help his company through 

several challenges, including 
its aspirations to penetrate the 

IT enterprise. Cerf, co-creator 

of the TCP/IP protocol, talked 

about Google’s plans in a re- 
cent interview. 


As Google broadens its menu of 
services beyond search to areas 
such as blogging, Web mail, Wi-Fi 
access and instant messaging, does 
it risk losing its focus? Absolutely 
not. The focus isn’t simply on 
search. The focus is on mak- 
ing information discoverable 
and useful, so all of these 
things you see happening 

at Google are side effects of 
expanding on the original 
paradigm, which was making 
search an effective tool. Now 
we're looking at how to make 
other information activities 
more effective and relevant. 


How important is Google’s strategy 
of gaining enterprise IT business 
with products like Search Appli- 
ance and the Google Mini? The 
opportunity there is to deliver 
this capability to a fairly broad 
range of enterprises, from 
very small to very large. The 
ability to help people organize 
information, especially un- 
structured information, is a 
very powerful tool — and our 
ability to package that up and 
deliver it to an enterprise is 
going to be very well received. 
It takes what we learned in the 
general Web space and allows 
us to apply it to corporate in- 
formation. 


How will Google diversify its rev- 
enue sources beyond paid search 
advertising? It is always a 


good idea to understand how 





dependent you are on your 
revenue streams and whether 
there could be more diversi- 
fication. 

However, we have a very 
long way to go before we have 
exhausted that segment of [the 
overall advertising market] 
that we have reasonable access 
to. I’m not suggesting compla- 
cency at all, but I’m suggesting 
we have some ways to grow in 
our current business model on 
a global scale before diversifi- 


cation becomes an issue. 


As Google grows, can it continue 
to innovate as it competes 
with both large competitors 
and start-ups? You won't 
find Google resting on 
any of its laurels and 
letting the grass grow. 
Our job is to stay alert 
to new opportunities 
and new ideas, not just 
in the search space, but 
in the more general 
space of handling infor- 
mation. 
We'll continue to hire the 
best and brightest people we 


can. We'll give them freedom 
to explore and interact with 
each other, and we hope we 
can maintain an atmosphere 
that is comparable to the kind 
of atmosphere you see in small 
start-ups. 

If we can stay, as we have 
been, a company of start-ups, I 
think we'll be able to compete 
quite effectively. 


Since early last year, Google 
has been involved in a 
stream of controversies, 
such as The Authors Guild’s 
recent lawsuit claiming 
that Google Print Library 
infringes on patents. How 
is Google handling such 
disputes? Part of my job 
is to try to make that 
better. On the Google 
[Book Search controversy], I 
don’t think we explained as 
carefully as we should have 


IT Detective Work Helps End WAN 
Slowdown for Construction Firm 


Management app 
finds that Internet 
radio is the culprit 


BY MATT HAMBLEN 

When users at Perini Corp. 
complained early this year 
about slow performance when 
using critical hosted project 
management software, IT 
managers scratched their 
heads and undertook a little 
detective work. 

“Truthfully, when people 
say the Internet is slow, you 
have no idea what’s going on,” 
Kim Holden, IT director at 
the Framingham, Mass.-based 
global construction company, 
said last week. “There are a lot 
of finger-pointing exercises.” 

More than 250 workers at 
Perini’s corporate headquarters 
use Primavera Systems Inc.’s 
Expedition project manage- 
ment software. It is hosted by 
LoadSpring Solutions Inc., an 
application service provider in 
Lawrence, Mass., on servers ac- 
cessed over T] links ina WAN. 

“With third-party host- 
ing, you’re never sure if the 





problem is on their end, so you 
have to eliminate some of the 
causes and make sure you're 
not just shooting in the dark,” 
Holden said. Expedition, wide- 
ly used in the construction 
industry, wasn’t considered 
the culprit. 

To find and fix the problem, 
Perini’s small IT staff first 
looked at using intrusion- 
detection software and then 
eyed packet shaping to im- 
prove network performance. 
The staff decided instead to 
use traffic management soft- 
ware, choosing Converted 
Traffic Manager (CTM) from 
Converged Access Inc. in Bil- 
lerica, Mass. 

Holden said the CTM soft- 
ware can create traffic catego- 
ries based on business priori- 
ties, a key requirement for her 
group. 


Setting Priorities 

The software, installed in Au- 
gust for less than $10,000, pri- 
oritizes WAN traffic based on 
Perini’s list of the most critical 
traffic streams, Holden said. 
E-mail and voice over IP (VoIP) 





% We discovered 
people were lis- 
tening to radio online 
more than | thought, 
and that was taking 
most of the traffic. 


KIM HOLDEN, IT DIRECTOR, 
PERINI CORP. 


between Framingham and 
other Perini offices around the 
world were judged to be the 
highest priority. FTP traffic 
was given a medium to low 
priority, and the lowest prior- 
ity was given to user access to 
Internet radio sites, she said. 

“We discovered people 
were listening to radio online 
more than I thought, and that 
was taking most of the traffic,” 
Holden said. 

Once Internet radio traffic 
was relegated to the lowest pri- 
ority, its performance dropped, 
as did the number of people 
listening to it. 

“T didn’t have to slap any- 
body’s hands and say, ‘No, you 
can’t listen to Internet radio, ” 
Holden said. In fact, users sim- 
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how this was going to work 
and how we would protect the 
interest of the publishers. And 
the publishers have leapt to 

a conclusion that is not sup- 
ported by what we’re trying 
to do. 

Part of my job is to articu- 
late that more carefully, and 
I hope we can overcome the 
concerns that have been ex- 
pressed. 

In general, Google will face 
these kinds of issues in the 
future. We’re dealing with an 
enormous quantity of infor- 
mation. Anytime you're deal- 
ing with information that is 
provided by people or is about 
people, you’re going to en- 
counter some controversy. We 
need to learn how to cope with 
that more effectively. » 


Perez is a reporter for the 
IDG News Service. 


ply stopped using Internet ra- 
dio when performance lagged. 

“We haven’t heard a ‘boo’ 
from anybody since CTM 
was put in place,” Holden said, 
noting that her staff no longer 
must spend significant time 
logging complaints into the 
project management software. 

Perini is considering using 
other Converged Access prod- 
ucts next year to compress 
VoIP traffic between global 
offices, especially in Iraq, Af- 
ghanistan and several U.S. 
locations, she said. 

The market for WAN traffic 
management is growing, since 
customers can see sizable 
results from a relatively small 
investment, said Matthias Ma- 
chowinski, an analyst at Info- 
netics Inc. in Campbell, Calif. 

The market for such prod- 
ucts is small compared with 
the overall routing market and 
is currently valued in the “low 
hundreds” of millions of dol- 
lars annually, he said. 

Other companies offering 
such tools include Packeteer 
Inc., Allot Communications 
Inc., Expand Networks {nc., 
Peribit Networks Inc., which 
was recently purchased by 
Juniper Networks Inc., and 
Swan Labs Corp., which was 
recently purchased by F5 Net- 
works Inc.® 
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M GET THE FACTS. 


RAYOVAC CHOSE WINDOWS SERVER 
SYSTEM AND EXPECTS TO SAVE NEARLY 
ONE MILLION DOLLARS 


“By choosing Windows Server™ over Linux for our 
new SAP APO solution, we'll save an estimated one 
million dollars in software, staffing, and support costs 
over the first four years. We needed performance, 
security enhancements, and reliability at a reasonable 
price, and Linux would have presented additional 
risks in all of those areas. It may be the new thing 
from a technical perspective, but Linux doesn't cut 
it from a business perspective—! need a proven IT 
environment that I'm sure we can support.” 


—Rick Dempsey, Chief Information RAYOVAC’ 
Officer, Rayovac 


For these and other third-party findings, go to 


a 


Microsoft® a 
Windows 
Server Systemy 


, mar oti soft. + Windows logo, Windows Server, and Windows Server System are either registered 
Microsoft Ci wif ine United States and/or other countries. The names of actual companies and products mentioned 


i be ‘i tadetdarks of thelt respective owners. 
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If yOu wonder what FT Gates, Jonn Chambers, Art Coviello and Scott McNealy are doing this February, 
wonder no more. RSA Conference 2006 features more than 275 exhibitors, 200 classes and over 14,000 
attendees in search of the latest techniques and tools from the best and brightest information security 


professionals. If your job involves information security, RSA Conference 2006 is the best place on the 
planet for education, empowerment and enlightenment. 


Register by January 13 and save $400 off the standard registration rate. 
www.rsaconference.com 


The World's Leading Information Security Conference and Expo 
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Oracle Applications User Group Adds 
Four PeopleSoft Organizations to Roster 


But still trails Quest in sign-up efforts 





BY MARC L. SONGINI 

As Oracle Corp.’s acquisition 
of PeopleSoft Inc. nears the 
one-year mark, some People- 
Soft user groups are starting 
to link up with the Oracle Ap- 
plications User Group. 

The OAUG, an independent 
group based in Atlanta, said 
late last month that four of 
the many PeopleSoft user 
groups have joined it in recent 
months. 

Elizabeth Stephens, chair- 
woman of one of those groups, 
PeopleSoft Credit & Accounts 
Receivable Experts, said link- 
ing up with the OAUG was a 





“no-brainer. We're all part of 
Oracle now.” 

Stephens is a senior busi- 
ness analyst at Reed Business 


| Information, which uses the 


PeopleSoft 8.9 financial ap- 
plication. 

Patricia Dues, president of 
the OAUG, said in a statement 
yesterday that her organiza- 
tion “is focused on integrat- 
ing new user groups into the 
Oracle family.” 

Dues, a project officer in 
the Las Vegas city manager’s 
office, said the OAUG contin- 
ues to reach out to PeopleSoft 
groups. 


At the time Oracle bought 
PeopleSoft nearly a year ago, 


PeopleSoft was helping to fund | 
| about 170 loosely affiliated user | 


groups. Most of those groups 


| were managed by PeopleSoft’s 


International Customer Advi- 
sory Board (ICAB). 

The PeopleSoft CRM User 
Group last month became the 
latest organization to join the 


| OAUG. Others that have linked 


up with the OAUG in recent 
months include the People- 


| Soft Healthcare Industry User 
Group and the PeopleSoft Ac- 


counts Payable user group. 
Meanwhile, the OAUG in 

September formed the Oracle 

Retail Users Group for the 
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customers Oracle inherited 


| when it bought Retek Inc., a 
maker of software for retailers. 


Input Into Fusion 


The OAUG said the moves 
| will give the groups input into 


the development of Project Fu- 
sion, Oracle’s effort to create 


| aset of best-of-breed applica- 
| tions based on products from 
| the companies it has acquired. 


The 15-year-old OAUG can 


| provide PeopleSoft users with 


a process for direct communi- 
cation with Oracle officials on 
matters such as product devel- 
opment and pricing, said Ste- 
ven Hughes, the organization’s 
executive director. 
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Though the OAUG is hav- 
ing some success in signing 
up PeopleSoft user groups, 
Hughes estimated that there 
are still some 125 groups that 
remain independent. They 
are established on the basis of 
product, region or industry. 

The OAUG isn’t the only 
Oracle user group reaching out 
to PeopleSoft customers 

The Lexington, Ky.-based 
Quest International Users 
Group, which represents users 


| of the J.D. Edwards ERP soft- 
| ware now owned by Oracle, 


announced in June that it 
would work with ICAB to sign 


| up members. 


At the time, ICAB officials 


| made clear that its affiliates 
| were also free to join the 
OAUG. Some 60 of the groups 


have so far affiliated with 
Quest, said John Matelski, a 
board member. ® 


IT supports and controls the 


applications that run the business. 


software 
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OPINION 


DON TENNANT 


Bold Decisions 


AST week, Computerworld reporter Marc 
L. Songini brought to my attention an ex- 


cellent two-part article by Michael Massing 


on the sorry state of news reporting in the 
.S. Massing’s piece, which appeared in 
The New York Review of Books (www.nybooks.com), 


faults print and broadcast news organizations for a lot 


of things, but especially for their timidity. 


“Today’s political pres- 
sures too often breed in 
journalists a tendency 
toward self-censorship,” 

Massing writes, “toward 

shying away from the 

pursuit of truths that 

might prove unpopular, 

whether with official 

authorities or the public.” 

He’s particularly critical 

of the U.S. media’s poor 

record on international 

coverage. “After Septem- 

ber ll, there was much 

talk about how the networks had to 
recover their traditional mission and 
educate Americans about the rest of 
the world,” Massing notes, “yet one 
need only watch the evening news 
for a night or two to see how absurd 
were such expectations.” 

Indeed, covering unpopular top- 
ics is risky for any media outlet, and 
few topics in IT are more unpopular 
than offshore outsourcing. So I have 
little doubt that our feature “Working 
Through the Pain” in this week’s is- 
sue (page 46) will ignite another anti- 
offshore firestorm. After all, the story 
by Patrick Thibodeau and Thomas 
Hoffman is all about “learning how 
to get better results offshore.” That 
means a lot of ire will be directed at 
our newsroom for “selling out” the 
IT profession we're here to serve. 

Many will argue that we should 
stop greasing the skids — that we 
should restrict coverage of corporate 
best practices or lessons learned 
by companies engaged in offshore 
outsourcing. Otherwise, they reason, 
we’re nothing more than accomplices 
in the effort to export U.S. jobs. 

The truth of the matter, unpopu- 





lar as it may be, is that 
offshore outsourcing 
is an economic fact of 
life. You can disagree 
with it, you can resent 
it, you can fester over it. 
But you can’t fight it any 
more than you can fight 
getting older. Corporate 
America must have the 
offshore outsourcing op- 
tion in order to be com- 
petitive, and it has to be 
competitive if it’s going 
to sign the paychecks of 
U.S. workers. Further, IT decision- 
makers need to learn from the ex- 
periences of their peers so they can 
make their own businesses success- 
ful. Facilitating that sharing of expe- 
riences is why we in this newsroom 
do what we do. So when we present 
an offshore outsourcing “how-to,” we 
do so with no apology. 
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We also do so with the conviction 
| that it is incumbent upon those same 
IT decision-makers to find answers 
to the difficult questions that arise 
when loyal IT workers stand to be 
displaced. Finding the answers re- 
quires a willingness to invest in the 
requisite training programs that will 
| afford those workers the opportunity 
to gain the IT skills that are in high- 
est demand. 

Identifying those skills requires 


cording to an October report from 
research firm Foote Partners on hot 
IT jobs and skills in the third quar- 
ter of 2005, the hottest skills were 
in areas such as security, extreme 
programming, VoIP and storage-area 
networking. More important are the 
nontechnical skills that Foote Part- 
ners predicts will be the most highly 
prized in the next 12 months. Top- 
ping that list: project management 
— especially, interestingly enough, 
global project management. 

Let’s hope the IT profession does 
a better job of making the bold deci- 
sions our global reality demands 
than the journalism profession has 
done. Timidity has no place in either 
field.» 
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IT TAKES A Few 
TIMES TO GET THE 
HANG OF IT, 


some legwork, but it can be done. Ac- 
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LETTER: TO ERE 
EDITOR IN CHIEF 


Look Past the 


Acronyms and 
Marketing 


CA’s Mark Barrenechea writes in re- 
sponse to Don Tennant’s Nov. 28 edito- 
rial, “Dear John,” an open letter to CA 
CEO John Swainson. 


IKES! YOU were pretty 
tough on CA's EITM 
(Enterprise IT Man- 


agement) vision last week. 
But CA is delivering something of 
significant value here for Computer- 
world’s readers, so I'd like to submit 
a few ideas for your — and their 
— consideration. 

First, we know that IT organiza- 
tions already devote a significant 


| CARESPONDS | thei ime 


their time and 
resources to 
enterprise management. We’ve talked 
to a lot of customers and wouldn't 
be a leading vendor of enterprise 
management solutions if we weren't 
in touch with what goes on in the 
trenches. In fact, we know that IT or- 
ganizations spend too much time and 
money managing and securing their 
environments instead of investing 
in innovations that return business 
value. That’s why we're delivering 
solutions that streamline operations 
and help ensure that technology 
investments are well aligned with 
business imperatives. The best way 
to do this is with integrated suites of 
software, not dozens of nonintegrated 
point solutions. 

Second, the challenges IT organiza- 
tions face are more complex than ever 
before. It’s always been difficult to get 
an end-to-end view of the application 
delivery chain across an infrastruc- 
ture comprising servers, networks, 
storage resources and software com- 
ponents — each of which is typically 
instrumented with different manage- 
ment tools. But as IT organizations 
have piled up successive generations 
of technology, the challenge of enter- 
prise management has become even 
greater. In fact, it has now reached 
a tipping point where the challenge 
of managing any new generation of 
technology has become a major inhib- 
iting factor to adopting it. 
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A more holistic and simpler approach 
to managing multiple generations and 


categories of technology is essential not | 


only for maintaining service levels and 
reducing total cost of technology own- 
ership, but also as a critical enabler of 

IT innovation. !n other words, if you’re 
struggling to manage what you already 


have, you’re probably disinclined to add | 


more to the mix. 

So EITM is strategically important 
to Computerworld readers seeking to 
achieve competitive differentiation by 
allocating resources where they will 
generate maximum value. Or, to put it 
bluntly, this isn’t your father’s Unicen- 
ter. Criticizing CA for unveiling EITM 
is a little like criticizing Apple for in- 
troducing the iPod. People had already 
been listening to music for years, but 
something new was happening in the 
market — and Apple responded, just as 
CA is responding to its core market. 

I suggest that you look past the acro- 
nyms and marketing and examine the 
actual solutions CA is delivering. CA 
understands the management needs 
of today’s IT organizations better than 
anyone. We have a clear vision for their 
future. And, with the 26 EITM-enabled 
solutions we unveiled at CA World, we 
are delivering on that vision. 

In addition, while we appreciate your 
concern about CA backsliding when it 
comes to customer-centricity, nothing 
could be further from the truth. Again, 
you criticized the “message” CA is 
sending by restructuring its customer 
care processes. We’re more focused on 
the actual quality of the support and 
service we deliver. We can assure you, 
this restructuring will substantively 
benefit our customers and give CA 
even greater visibility into the evolving 
needs of the market. 

Mark Barrenechea 
Executive vice president of technology 
strategy, CA, Islandia, N.Y. 


DAVID MOSCHELLA 


IT Moving 
Into Its Latest 
Up Cycle 


)U DON’T have to be a 
weatherman to detect 
a touch of froth in the 


air. For the first time in more 
than five years, the IT industry press is 
pretty much all positive, with the eyes 
of the Internet world focused on the 


future. There is even talk 
about IT being “disruptive” 
again. Has a new up cycle 


| begun, perhaps even a mini- 
| bubble? It would seem so. 


Remember after the 
bubble burst how people 
predicted the demise of 
Amazon, Yahoo and all the 


| other online-only ventures? 


Obviously, this hasn’t hap- 
pened. More often than 


| not, the major dot-coms 


have routed their brick-and- 
mortar competitors, and 
their ranks have continued 
to grow. Apple’s iTunes 
came out of nowhere to transform the 
music industry, Google is generating 
bubblelike fortunes, and tiny Skype 
has shown just how vulnerable the 
telephone business really is. In Silicon 
Valley, the venture capitalists are once 
again touting the giants of tomorrow, 
and another hiring frenzy has begun. 
Symbolically, Bill Gates has writ- 
ten another one of his famous “leaked” 
memos. If you haven’t seen either 
Gates’ recent e-mail or the much longer 
one by Microsoft CTO Ray Ozzie, they 
lay out three major new threats/oppor- 
tunities for Microsoft: the emergence 
of the Web as a platform (what’s gener- 





ally known as Web 2.0), the 
power of advertising-based 
IT business models not just 
for consumers but for the 
enterprise, and the many 
strengths of providing soft- 
ware as a service. Taken 
together, these trends 
constitute a more serious 
challenge to Microsoft than 
Netscape once did. 

People always forget just 
how cyclical the IT indus- 
try really is. Looking back 
over just the past 25 years, 
there have been four peaks 
and valleys. There was the 

five-year boom that corresponded with 
IBM’s last heyday from 1981 to 1986, fol- 
lowed by a five-year trough until 1992 as 
U.S. companies felt the pressure from 
Japan. Then came the long Internet- 
driven boom and eventual burst of the 
bubble in 2000 when the perceived false 
alarms of Y2k, the excessive hype of 
the dot-com craze and the shock of 9/1i 
put the brakes on technology spending 
and shortened business horizons. This 
downturn now seems to be over. 
Someday, historians might well 
conclude that the nadir of this last 
down cycle was the publication of Nick 
Carr’s controversial article “IT Doesn’t 





Matter” in the Harvard Business Re- 
view in the spring of 2003. Could you 
imagine such a piece being written in, 
say, 1998? While the article was never 
persuasive, it captured the spirit of its 


| time, expressing a pessimism as exces- 


sive as the bubble itself. Indeed, Carr’s 
article can be seen as an insult gone 


| too far, and since then, the prospects 


for the IT business have been steadily 


| improving. 


History suggests that such up cycles 


| tend to last at least five years, and thus 


a powerful period of progress may 
well lie ahead. I have been arguing for 
some time that the next 10 years in the 
IT business will have more impact on 
business and society than the previous 
10. When you consider that 10 years 
ago there was little e-mail, almost no 
e-commerce and very limited mobility, 
this is not an insignificant statement. 
But as the power of the Web becomes 
ever more apparent, one can once 
again make such statements without 
getting laughed out of the room. Just 
don’t mention the phrase “new econo- 


my.” That was always a loser. ? 





| WANT OUR OPINION? 


More columnists and links to archives of previous 
columns are on our Web site 


www.computerworld.com/columns 





H-B Vi 

T’S TIME to call the industry's 

bluff on the so-called shortage 
of IT professional jobs in the U.S. 
As a price for doubling the H-1B 
limit, a system should be set up 
in which a registry of qualified 
and jobless IT professionals is 
maintained. For each entry on 
the jobless registry, the H-1B limit 
would be reduced. Thus, industry 
will have to put up or shut up 
Louis A. Carliner 
Spring Hill, Fla. 


AND MANY others were laid 

off because a Texas company 
outsourced our jobs to India, 
Poland and China, and now our 
government wishes to pour salt 
into our wounds by increasing the 
H-1B limit [“Senate Panel Votes to 
Boost H-1B Visa Limit by 30,000,” 
Oct. 21, Computerworld.com]. For 
some of us, the job search has 
been difficult. It's not because we 
are not qualified, but that we are 
too old, made too much money, 
are overqualified and had front- 


| their mundane offerings. Many 
| of my fellow workers have taken 


| ogy area for as little as a quarter of 
| what they used to be paid. 


Dallas 


| visa holders and the like). Since | 


| and comprehensive coverage of 


xpansion 


line technology jobs that would, 
in prospective employers’ eyes, 
leave us prone to boredom with 


positions outside of the technol- 
Ronn Williams 


WOULD LIKE to introduce 

your readers to my “Bell Initia- 
tive” aimed at improving H-1B 
hiring practices. The core ideais a 
mandatory certification of foreign 
nonimmigrant IT workers (H-1B 


introduced it in 2003, | have up- 
dated and revised it with several 
additional provisions. You can 
read the entire initiative at http;// 
alexanderbell.us/Initiative/IT.htm, 
but the following are the core ideas: | 

® Develop a unified certificate of | 
IT professional and a correspond- 





ing curriculum with an objective 


modern technology and newer 

technology trends as they emerge. 
@ |mplement mandatory certi- 

fication of foreign nonimmigrant 


| IT workers in a process similar 


to what's now done for medical 


| doctors. 


Alexander Bell 
President and CEO, Infosoft 
International Inc., New York 


' TreasuryDirect 


System Not Secure 


HE FEDS are being some- 
what hypocritical in imposing 
stricter user authentication 


| standards on everyone else 


while failing to do so in their own 
massive TreasuryDirect system 
(www. TreasuryDirect.gov) [“Banks 
Get New Online Authentication 
Guidelines,” Oct. 20, Computer- 
world.com]. TreasuryDirect allows 


} access to user accounts with only 


an account number and taxpayer 
identification number, two pieces 


| of information that are used 


without change for decades and 


| that may be available to hundreds 


of people, from family members 
and snoopy household workers to 
accountants and their employees 
and janitors, IRS employees and 
mail thieves. Considering the 

| amount of money involved with 

| each TreasuryDirect account, | 

| wouldn't be surprised to hear that 

| some person had managed to ac- 
cumulate numerous valid account 

nurnber/taxpayer ID pairs to steal 

| amassive amount of money 
Michael W. Szkaradek 

| Attorney and CPA, 

| Santa Ana, Calif. 


COMPUTERWORLD welcomes 

| comments from its readers. Letters 

| will be edited for brevity and clarity 

| They should be addressed to Jamie 
Eckle, letters editor, Computer 

| world, PO Box 9171, 1 Speen Street, 

| Framingham, Mass. 01701. Fax 
(508) 879-4843. E-mail: letters@ 
computerworld.com. Include an 

| address and phone number for im- 
mediate verification. 


For more letters on these 
| and other topics, go to 
| www.computerworld.com/letters 





Oracle Fusion Middleware 


Engineered to 
Work Together 


COMMON 


Enterprise Portal Installation 


Provisioning 





| ‘Identity Management Management 


Upgrading 


Testing 


Oracle Fusion Middleware 
Hot-Pluggable. Comprehensive. 


ORACLE 


oracle.com/middleware 
or call 1.800.ORACLE1 


Copyright © 2005, Oracle. All rights reserved. Oracie, JD Edwards and PeopleSoft are registered trademarks of Oracle Corporation and/or its affiliates. Other names may be trademarks of their respective owners. 
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FUTURE WATCH 
Getting Real 


A university project for the U.S. Department of Defense 
aims to develop models that can analyze scenarios — such 
as war games and chess games — that are so complex that 
they stymie conventional methods and choke the fastest 


supercomputers. PAGE 34 


SECURITY MANAGER'S JOURNAL 

peep haten Se 

For Laptop Encryption 

Mathias Thurman and his project team 
choose a security vendor, taking a big step 
toward protecting their company’s intellec- 


tual property. PAGE 38 


HONORS SHOWCASE | 
Data From the Heavens 


The European Southern Observatory 

has developed a system to manage 
data gathered from outer space, where | 
information can be as expansive as the 


galaxies themselves. PAGE 32 


LAW AND | 


ON THE OPEN-SOURCE RANGE 


Fraught with complexity and risks, licensing is one of the trickiest 
issues on the open-source software frontier. By Mark Hall 


EARS AGO, when Charlie Brenner | 
encountered open-source tech- 
nology, he saw a great opportu- 
nity, but he also saw some danger. 
Free, effective source code was great, but 
Brenner recognized that there would be 
added complexity in managing what he 
calls “the Wild West environment” of open- 
source licensing, primarily licenses that 
force you to turn your own private code into 
open-source if you violate their provisions. 
“We don’t want to have our proprietary 
code dragged into the public domain,” says 
the vice president of the Fidelity Center for 
Applied Technology at Boston-based Fidel- 


should design, code and test applications 
in ways that let you use open-source tools 
while complying with the extra layer of 
licensing complexity. 

“People move to the complexity issue too 
fast,” insists Eben Moglen, chairman of the 
Software Freedom Law Center in New York 
and a key contributor to the update in prog- 
ress to the GNU General Public License 
(GPL), which is said to cover at least 70% of 


Best Practices and Questions to Ask Before Using Open-Source 


ity Investments. 

Still, Brenner and others argue that the 
value of open-source tools greatly out- 
weighs the extra hoops the licensing struc- 
tures force you to jump through. They’ve 
learned that you should start jumping 
through the hoops before coding begins by 
establishing a written development process 
when open-source is involved. Next, you 





® Consider using tools that determine 
whether your code includes open-source. 
= Will all your software pass an au- 
dit during a merger or acquisition? 
® Determine how software will be distributed. 
= fs there a chance your code will 
be used by partners, suppliers or 
customers outside 


® Create a remediation process for soft- 


ware that incorrectly includes open-source. 
= Do you have a process to handle 
exceptions? 


: ™ Perform code audits. 
: Do 


: w Establish a central group to develop 
: corporate polices on acceptable use of 


have the to 
open-source in your code? - 


you rather wee products aie the, 
firewall? 


® Create a list of licenses that are accept- 
able as a guide for developers to choose 
open-source projects. 

® Are you to release 

code to the undies 
rewrite? 
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the 100,000-plus open-source projects 
listed on SourceForce.net. 
He argues that the primary objective 
of open-source licensing is “to protect 
users’ rights.” 

True, but that protection comes at 
a price for IT because, like it or not, 
open-source licensing does add com- 
plexity to any application development 
effort. So much so that some CIOs raise 
barriers against open-source software. 
It’s one of the major reasons why Rob- 
ert Urwiler, CIO at Macromedia Inc. 
in San Francisco, says, “It’s an uphill 


battle for open-source to get in through 


my door.” 


Risky 
Business 


WHEN MAJOR TECHNOLOGY ven- 
dors smiled upon open-source, even 
conservative companies gave the soft- 
ware a green light for internal use 

“What helps is that we're a main- 
frame shop, and when IBM comes in 
and says open-source is good, it's like 
the pope blessing it,” says John Welch, 
open systems administrator at Kansas 
City Life Insurance Co. in Missouri. 

But that blessing is not a dispen- 
sation from the risks involved, says 
Daniel Egger, CEO of Open Source Risk 
Management Inc. in New York. “Forces 
that are hostile to open-source have 
exaggerated the risk,” says Egger. “But 
it would be false to say the risk is zero.” 

He says that in some cases, if you're 
caught distributing open-source code 
that you've modified or combined with 
your own, the license can compel you 
to release all of your related code into 
the public domain. After Cisco Systems 
Inc. bought Linksys, it discovered that 
Linksys had violated the GPL, and it 
had to unveil what it had hoped would 
be proprietary code as open-source 
software. 

Egger's firm works with third-party 
insurers to offer up to $10 million in 
risk insurance in case your company 
botches an open-source license restric- 
tion. But it will also protect you against 
a SCO-like attack on open-source. SCO, 
he points out, has been clumsily trying 
to sue end users of the Linux operating 
system for alleged copyright violations. 
But so far, the company has failed in all 
of its legal maneuvers. 

- MARK HALL 
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Before letting open-source inside 
your company, there are a few simple 
things to know. There are two general 
types of open-source licenses: permis- 
sive and coercive. The first, exempli- 
fied by the BSD or MIT licenses, puts 
no restrictions on whether you distrib- 
ute the open-source software outside 
your organization, modify the code 
or combine it with your code — the 
three cardinal sins covered by coer- 


cive licenses, says Mike Olson, CEO 
of Sleepycat Software Inc. in Lincoln, 
Mass. He acknowledges that his own 
Sleepycat license as well as the GPL on 
which it was based are good examples 
of coercive licenses. 

To foster and control open-source 
inside Fidelity, Brenner says he helped 
put together the Open-Source Support 
Center (OSSC), an internal team of 
technologists and attorneys who evalu- 
ate open-source projects to ensure that 
they meet the company’s technical 
and legal standards. The OSSC writes 
the rules governing Fidelity’s use of 
open-source and publishes a list of ac- 
ceptable licenses so developers know 
before they download code whether 
the license is acceptable. 

Still, Brenner doesn’t discourage de- 
velopers from checking out tools whose 
licenses aren't on the list. He says if the 
OSSC considers the software a good 
technical fit, Fidelity will approach the 
owner of the copyright and negotiate 
a deal directly. Many of the dozens of 
licenses listed on the Open Source Ini- 
tiative Web site (www.opensource.org) 
include a clause suggesting the copy- 
right holder is willing to deal. 

For example, Olson says, Sleepycat 
has signed more than 300 standard 
commercial licenses with companies 
because his firm owns all the copy- 
rights to its embedded database soft- 
ware, BerkelyDB. In addition, few peo- 
ple know how many copyright holders 
there are to parts of Linux, which is 
covered by the GPL. 


Service With a Smile 

Despite the trend toward software run- 
ning as a service, most coercive open- 
source licenses consider the physical 
movement of bits from one machine 

to another to constitute unlicensed 
distribution. If you design your appli- 
cation to “isolate code segments so that 
they are calling each other as services,” 
you're likely to be safe, Brenner says. 
That may change in future revisions 

to open-source licenses, but for now, 
Olson agrees that a service-oriented 
application architecture stays within 
the letter, if not the spirit, of open- 
source licensing. 
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Licensing Do’s and Don’ts 


There more than 55 open-source licenses listed as “approved” by the Open Source 
Initiative. All include provisions that the source code is used “as is” and, just like propri- 
etary software, the licenses offer no warranties; plus, they all require you to include the 
copyright or patent notice of the source code owner. Here are some other provisions: 


Apache License 2.0 

You must include a prominent notice 
of all changes that have been made to 
source code. 


BSD 

You may distribute modified or com- 
bined open-source code with or with- 
out including your source code. 


GPL 
If you modify open-source code 
or combine it with your own, your 


When you do need to combine your 


| application code with open-source, 
| say, by making library calls to it, the 


Library GPL (LGPL) is an ideal license, 
suggests Michael Mullis. He’s the chief 
technology officer at Scientific Games 
Corp. in New York, which provides 
lottery software to state governments. 
The LGPL license permits calling the 


| open-source code from a stored library 


in your application. 

Mullis adds that even if your compa- 
ny has a group like Fidelity’s OSSC and 
you follow stringent best practices and 


employ zealous technical leads to apply 


them, you still must audit your code 
for open-source license transgressions. 
Your oversight group needs to establish 
milestones where audits should take 
place throughout the software cycle. 
That central group needs to have 


| real authority, says Diane Peters, gen- 


eral counsel at Open Source Develop- 
ment Labs Inc. in Beaverton, Ore. For 
example, if you’re involved in a project 
to deliver software tools to your cus- 
tomers or supply chain and the group 
has concerns about a license obliga- 
tions, it should have the power to stop 
the project in its tracks, she says. 

Mullis recalls an incident at a prior 
employer when a contractor, who was 
not aware of the open-source-use poli- 
cies, included some free code into an 
application. Had Mullis not discovered 
it, his former company would have had 
to reveal its entire proprietary source 
code to the world. “It would have been 
a serious legal problem,” he says. 


Fingerprints 

Not every company is going to have 
someone with Mullis’ expertise, so 
IT vendors offer tools specifically to 
detect open-source code buried in- 


code must be made open when you 
distribute the new code. 


Mozilla 

If you discover after distribution that 

a third party claims ownership rights 
to code, you must take steps to notify 
all the parties you have distributed 
code to. 

Sleepycat 

You must negotiate specific rights with 
copyright holders. 


, side source files. Paul English, CTO 


at Kayak Software Corp. in Norwalk, 
Conn., uses a service from Black Duck 
Software Inc. in Waltham, Mass. Black 
Duck CEO Douglas Levin claims that 
his service detects more than 400 in- 
stances of open-source code found in 
projects on SourceForge and elsewhere. 

English says it’s critical for his busi- 
ness that Kayak pass a code audit be- 
cause one of his firm’s business scenar- 
ios involves being acquired. “We have 
to show due diligence that our code is 
clear,” he says. 

Black Duck and its main rival, San 
Francisco-based Palamida Inc., “finger- 
print” your code. According to Ray 
Waldin, CTO at Palamida, a fingerprint 
is a unique mathematical token that the 
services compare against the millions 
of tokens they have on file. But, he adds, 
the process involves more than gener- 
ating a hash (or token) of the code and 
doing a simple comparison. 

Palamida’s service also evaluates 
code behavior — that is, the function 
of a given code snippet — which can 
reveal code that’s been modified or 
moved. His service ranks the portions 
of your code that allegedly contain 
open-source, identifies the projects in- 
volved and then, of course, points you 
to their licenses. 

You don’t actually send your source 
code to Black Duck or Palamida to be 
scrutinized. They send you a software 
tool that fingerprints your code by run- 
ning a multipattern search that detects 
a source file’s coding patterns. 

Naturally, you can take a chance that 
you won't get caught violating an open- 
source license. But you should know 
that the Software Freedom Law Center 
is hiring more lawyers whose job will 





be to show you the error of your ways. » 
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Heavens 


C 


European data-flow system 
gathers astronomers 


bservations from 11 countries. 
BY MARY K. PRATT 


r 
| 


oy , 

y is an 11-country intergov- 
Cue melee UPzc1 tC el art Oc 
nomical research headquartered 
in Garching, Germany. It operates 
astronomical observatories in 
eT em 


= 

consists of 
about 100 people - a mix of sci- 
entists, software engineers, data- 
base experts and other technical 
professionals. 


IMAGINE THAT YOUR DATA is as 
vast as the heavens, with the informa- 
tion as complex as galaxies themselves. 

Most organizations would find such 
imagery dizzying, but for the European 
Southern Observatory, it’s reality. And 
ESO has it under control. 

The organization developed a sys- 
tem to manage data from outer space. 
Its end-to-end data-flow system is a 
collection of tools and processes that 
helps the agency to serve researchers 
who use its telescopes and archives. 

The success of its system has earned 
ESO recognition from the Computer- 
world Honors program as well as other 
observatories, whose officials see ESO 
as a leader in this field. 

“It’s something that we all acknowl- 
edge as being important,” says Todd 
Boroson, deputy director of the Na- 
tional Optical Astronomy Observatory 
in Tucson, Ariz., and associate director 
for the NOAO Data Products Program. 

ESO officials saw a chance to im- 
prove the way researchers collect, use 
and share data when the agency start- 
ed to build the Very Large Telescope 


cluster in Chile more than 10 years ago. 


In 1995, they created the data manage- 


ment and operations division to move 
| the ll-country ESO toward those goals. 
“What we're trying to do is create a 
| system that allows research astrono- 
| mers to have greater efficiency in con- 
ducting their observations and turning 
| that into a science result,” says David 
Silva, head of the data-flow operations 
department. 
The IT team borrowed from ad- 
| vances in data collection made pos- 
| sible by the Hubble Space Telescope as 
| well as relational databases developed 
in the banking industry. “One of our 
strengths is we look at the commercial 
market and try to find solutions that 
are applicable for us,” Silva says. 


| How It Works 

ESO developed a system with several 
major components. Web-based inter- 
faces provide information and tools to 
end users — the researchers. These 

| interfaces allow researchers to submit 

| detailed observation requests that ESO 
| workers in Chile can then execute. The 
| system stores 30TB of data. 

The main user tool for submitting 

| programs is a Java-based client that 
runs on the astronomers’ desktops and 
exchanges data with a server located 
at ESO headquarters. ESO operations 

| staffers use another Java-based tool to 
manage and execute user programs. 

Meanwhile, an enterprise-class re- 
| lational database management system 
is used to operate and synchronize the 
databases in Germany and Chile. 

ESO’s tech team used a combination 
of off-the-shelf products and internally 
| developed pieces for areas where cus- 
| tomization made the most sense. The 
system was based primarily on Sun 
Solaris and Hewlett-Packard Co. tech- 
nologies, but now the IT team is mov- 
ing toward Linux running on Dell Inc. 
hardware. ESO also uses data manage- 
ment products from Sybase Inc., which 
| has database expertise and has worked 
with other astronomical agencies. 

ESO invested about $60 million in 
the IT infrastructure between 1995 and 
2001, according to Peter Quinn, head 
of ESO’s data management and opera- 
tions division. Most of that investment 








— nearly $50 million — went to labor 
costs, with the rest going to equipment. 
ESO now invests about $12 million an- 
nually in development, maintenance 


| and operations. 


“They’ve done a thorough job pro- 


| viding an IT infrastructure to ensure 
| they’re using the telescopes in an ef- 


ficient way,” notes Daniel Steeghs, an as- 
tronomer at the Harvard-Smithsonian 
Center for Astrophysics in Cambridge, 
Mass., and a native of the Netherlands 


| who has worked on ESO’s systems. 


| lenges ahead in managing its ever- 


increasing volume of data. Officials say 
they’re developing cluster computing 


| technology to meet predicted needs; 


ESO must have the capacity to store 
and process close to ITB of science 


| data per day by 2010. 
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ESO’s Peter Quinn accepts a Computerworld 
Honors award in Washington. 


But such challenges haven’t stopped 
others — including those pushing for 
an international virtual observatory 
— from following ESO’s lead in end-to- 
| end data-flow management. 

As Steeghs says, “People have recog- 
nized that it’s the way to go.” b 





Pratt is a Computerworld contributing 
writer. 





CONQUERING CULTURAL RESISTANCE 


DESPITE ITS GOVERNMENTAL origins and 
academic bent, ESO faced a corporatelike 
problem when implementing its data-flow 
system six years ago: getting user buy-in. 
For centuries, astronomers made their 
observations using their own telescopes, and 
even now they often travel alone to remote 


puters sort them and put them in a queue 
based on factors such as the weather condi- 
tions at the site of the Chilean telescopes. 
Observations are sent back via the Internet 
or hard disk, with data stored for general use 
after one year of proprietary use. 


1 “We had to win people over, but it didn’t 

¥ take long,” says Peter Quinn, head of ESO's 

; data management and operations division. 

i ESO established a user support depart- 

1 Ment early on to ensure that clients get the 

4 service they need. Meanwhile, ESO's IT staft 

§ collected requirements from users and con- 
verted those ideas into tools, says 
Michele Peron, head of the data- 
flow system department. 

Still, there were some bumps, 
says David Silva, who heads the 
data-flow operations depart- 
ment. “In the beginning, people 


“As with all new things, there 's 
a learning curve, and the first few 
1 times, it was difficult,” says Frank Grundahi, 
1. aresearcher at the University of Aarhus in 
1 Denmark who uses the system. “However, 
1 the very clear structure that has been set up, 
1 makes things very efficient.” 5 
! ~ MARY K. PRATT 





_THE INVASION 


_DAY 3: The servers have taken over. We bought 

so many affordable ones we can’t afford the people 
to manage them. How far does this sprawl spread? 
Have they taken over the city? The planet? 

Ma, have they gotten to you, too? (Must type 

very, very quietly. They’re L-I-S-T-E-N-I-N-G.) 
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T IS surely one of the more 

mind-blowing PowerPoint 

slides ever created. It’s a 

graph, and one of the small- 
est numbers, near the bottom of 
the vertical axis, is 10*°, the num- 
ber of seconds from now until 
the sun burns up. Then comes 
10’, the number of atoms on 
Earth. After that, the numbers 
get really big, topping the scale 
at 10° 

This graph, from the Defense 
Advanced Research Projects 
Agency, shows the exponential 
growth in possible outcomes 
for a range of activities, from a 
simple car engine diagnosis with 
100 variables to war gaming with 
1 million variables (that’s what 
the 10°”? represents). 

The point DARPA is trying 
to make in explaining its Real- 
World Reasoning Project is that 
computers will never be able to 
exhaustively examine the pos- 
sible outcomes of complex ac- 
tivities, any more than a roomful 
of monkeys with typewriters 
would ever be able to re-create 
the works of Shakespeare. 

But in the recently completed 
Phase I of the Real Project, as it’s 
called, the agency did discover 
shortcuts that can tame the pun- 
ishing combinatorial complexity 
that for decades has stymied ef- 
forts to model the real world. 


Beyond Brute Force 

Bart Selman, a computer science 
professor at Cornell University 
and one of three DARPA con- 
tractors on the project, points 
out that for a decade there have 
been automated reasoning tools 
that can discover defects in chip 
or software designs. These tools 
can “prove” the correctness of a 
specification without exhaustively test- 
ing every situation the chip or software 
might encounter. 

But those tools can do only what’s 
called single-agent reasoning. Selman 
is extending the concepts to a much 
harder class of problem — multiagent 
scenarios in which there’s one or more 
opposing forces — and he’s developed 
chess-playing software to test his ideas. 
The best chess programs today, such as 
IBM’s Deep Blue, excel by brute-force 
trials of moves, analyzing millions of 
board positions per second. “Deep Blue 
explores hundreds of millions of strate- 
gies, but most of them are very dumb,” 
Selman says. “Grandmasters only ex- 
plore three or four possible lines of play.” 


| grandmaster, he says. “It 
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The Cornell chess pro- 
gram works more like a 


might exploit certain strate- 
gies, then find they are not 
successful. It learns from 
that and adds that to its knowledge 
base. It gets better the more games it 
plays, even during a single game,” Sel- 
man explains. It develops a conceptual 
view of the board and seeks out overall 
positions that will give it strength. By 
applying these learning techniques and 
other improvements over traditional 
reasoning tools, Selman’s team has so 
far achieved a 10° speed improvement 
over those tools, he says. 

While Selman works on two-agent 


Yt 
WATCH 


Researchers find ways to tame the complexity in 
real-world reasoning. By Gary Anthes 


systems like chess, research- 
ers at SRI International 

in Menlo, Park, Calif., are 
looking at games with four 
or more agents. That lets 
them include the dynamics 

| of partnerships and coalitions often 

| found in real-world conflicts. 

Patrick Lincoln, director of the 
nonprofit’s Computer Science Labora- 
tory, has applied a “model checker” 
that’s normally used to prove out 
semiconductor designs to a four-player 
variant of chess and to Diplomacy, a 
seven-player board game set in Europe 
just before World War I. Lincoln de- 
veloped an algorithm that can find the 

| “Nash equilibrium” in a game, a point at 
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which no player can deviate from 
his strategy without harming his 
outcome. Once that’s been deter- 
mined and the strategies of all 

the players are known, the model 
checker can find the best tactical 
moves given the various partner- 
ships that have evolved. “This is 

a major computational challenge,” 
Lincoln concedes. 

Like Selman at Cornell, Lincoln 
has used model-checking tech- 
niques to mathematically prune 
the combinatorial tree. “We are 
doing it symbolically, in a way we 
don’t have to exhaustively look at 
all the cases,” he says. 

Meanwhile, researchers at the 
University of California, Berkeley, 
are introducing notions of uncer- 
tainty into automated reasoning. 
They are modeling Kriegspiel 
chess, a variant of the game that 
the Prussian army used in the 
19th century to train its officers. 
In Kriegspiel chess, neither oppo- 
nent sees the pieces or the moves 
of the other, so each works only 
with information that’s been in- 
ferred from the consequences of 
his own moves. 

Stuart Russell, a computer sci- 
ence professor at Berkeley, says 
his team has come up with search 
algorithms that are 100 to 1,000 
times faster than earlier methods 
for this kind of problem. Some 
can find solutions directly, with- 
out trying all possibilities. He 
says his techniques could one day 
be used in applications dealing 
with real-world situations whose 
dynamics are only partially ob- 
servable, such as negotiations, 
management of traffic flows or 
supply distribution systems. 

“With these technologies, one 
might create a logistics decision- 
support system that could, for 
instance, consider the likelihood of 
future events such as a natural disaster, 
and factor the event, and its implica- 
tions, into the logistics process,” says 
Tom Wagner, DARPA’s program man- 
ager for the Real Project. “That same 

logistics system could also reason 
about the value of forming a relation- 
ship with another company, possibly 
even a competitor, as a way to improve 
the response to that disaster.” 

In the next phase of the project, not 
yet approved by DARPA, SRI will scale 
up the tools to handle more complex 
games with more players, Lincoln says. 
“The exponentials are so terrifying,” he 
says. “The only way to make progress 
is to tame them algorithmically.” » 





_DAY 3@: It s gotten worse. I m trapped in a maze 


of our own creation. Oh, the irony. 


answer. (P.S. Im frightened.) 


DAY 31: I need IBM Systems with 
technology. Helps you manage your 


each from a single view, so you 


on the fly. Lets you scale up and 


I will achieve control. I will be 


_— 5 
i need ar 


1Lization 


storage, 


deploy resources 
out quickly. 


big hero. 


They will call me Ned. Ned, Champion of Simplicity. 
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3-D Models Mean 
Less Radiation for 
Young Heart Patients 


AUNIVERSITY OF MICHIGAN medical re- 
search team reports high levels of success from a 
new approach that uses a 3-D computer-assisted 
navigation system to treat children with rapid heart- 
beats and other heart-rhythm conditions. 
Researchers at the university's Congenital 
Heart Center have studied a treatment called radio 
frequency catheter ablation in children. Data from 
the study shows that by adding the 3-D navigation 
system to a conventional X-ray-based method 
to visualize electrophysiological catheters inside 
the heart, doctors were abie to successfully treat 


SINCE THE LATE 1970s, 


| 


—— 


Images made using the 3-D computer- 
assisted mapping technique show the 
location of catheters in a child's heart. 


99.1% of 113 patients studied. While the procedural 
success rate was very high, the most significant 
finding was that the patients who were treated 
using the 3-D computer navigation system were 
spared almost half the radiation dose received 
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by 108 comparable patients treated immediately 
before the new system was available. 
“The goal of reducing radiation dose is espe- 
cially important in children, because of the risk 
it can pose to their health and fertility later in life,” 
says Dr. Peter Fischbach, senior author of the study. 
“Radiation exposure is very different for children and 
adults, due to their small body mass as well as their 
longer life expectancy, which allows for a greater 
likelihood of the radiation to cause adverse effects.” 
RF catheter ablation treatment uses electri- 
cal current transmitted at very high frequencies 
through a tiny catheter that's steered through the 
blood vessels and into the heart. The electricity is 
passed through the tip of the probe, cauterizing 
asmall piece of heart muscle that supports the 
abnormal electrical activity that leads to fast heart 
rates, also known as tachycardia. 
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Control starts with IBM Systems. 


Control the sprawl by physically consolidating your 
servers and storage, putting more power in less space. 


Control complexity by pooling systems and managing 
them from a central location. Reducing your number of 
disconnected servers and storage 


Control costs with servers that partition virtually so 
you can do more with less on a single system. 


Control time with systems and software designed 
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Deciphering Options 


For Laptop En 


By choosing a vendor, our manager takes 
a big step toward protecting the company’s 
intellectual property. By Mathias Thurman 


URING THE past two 

weeks, I started up 

a disk encryption 

project, one of the 
technology initiatives under 
my company’s intellectual as- 
set protection program. (I will 
cover the deployment of the 
other technology initiative, 
digital rights management, in 
a future column.) 

Our goal with the disk en- 
cryption effort is to 
prevent the loss of 
intellectual property 
stemming from the 
theft of a laptop. On 
several occasions, 
executives’ laptops 
have gone missing or 
been stolen. One of those miss- 
ing laptops contained intel- 
lectual property and sensitive 
data, including information on 
a pending acquisition, product 
strategy and road maps. Luck- 
ily, it was recovered. 

Should something like that 
happen again, we want the 
data on the laptop’s hard drive 
to be illegible, which means we 
have to encrypt the entire hard 
drive. I assembled a team of 
representatives from our help 
desk, Windows engineering 
and Web applications groups 
and my information security 
team. After the initial project 
meeting, which familiarized 
everyone with the scope of 
the project and the state of the 
technology, we considered 
three products: Microsoft 
Corp.'s Encryption File System 
(EFS), PGP Corp.’s Whole Disk 
and Pointsec Mobile Technolo- 
gies’ Pointsec for PC. 

EFS was attractive in that it 
comes built into Windows and 


| 
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is therefore basically free. Plus, | 


Microsoft is a large company 
and we already have a rela 


tionship with it, so its viability 
and support structure aren’t 
unknowns. But we wanted a 
product that would encrypt 
the entire hard drive and not 
just individual files, require 
no change in the way users 
utilized their laptops and be 
compatible across all of our 
platforms. 

So, as appealing as EFS 
was, it was quickly eliminated, 
mostly because it 
can’t encrypt the en- 
tire volume. Besides 
that, there are some 
issues regarding 
sharing files be- 
tween Windows XP 
and Windows 2000, 
and there’s a good chance that 
files could end up in areas of 
the drive that aren’t encrypted. 


| It’s true that we could get 


around that last problem by 
using group policies to control 
the configuration of users’ lap- 
tops, but the project team had 
decided against group policies. 
Finally, EFS doesn’t support 
Linux, which would leave out 
many of our engineers. 

On to PGP. I like PGP, and 
we use it for e-mail encryp- 
tion. Almost every security 


| professional I know has a PGP 


key, and I thought we could 
integrate that technology 
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ption 


with the whole-disk encryp- 
tion. Unfortunately, the PGP 
full-disk encryption offering 
is new, and the project team 
felt more comfortable with a 
product that has been around 
a while and has a history of 
large deployments. 


The Best Choice 

This left us with Pointsec for 
PC, which does in fact meet 

all of our requirements. It also 
has offerings for the Palm 

OS and Pocket PC operating 
systems and for some of our 
smart phones. Pointsec for PC 
uses a preconfigured agent 
that, when installed on a user’s 
laptop, will seamlessly encrypt 
the entire hard drive and then 
modify the master boot record 
(MBR) so that a user must 
authenticate to the software 
embedded in the MBR before 
being allowed access to the PC. 

As you probably know, the 
MBR is the information in the 
first sector of a hard drive that 
identifies where the operating 
system is located so that it can 
be booted into memory. Modi- 
fying the MBR is risky; if the 
hard disk is encrypted and the 
MBR becomes corrupted, the 
data on the drive is essentially 
gone. This is a risk that will 
have to be dealt with through 
proper backups. 

Users, however, will still use 
their enterprise credentials 
and authenticate only one 
time. The software within the 
MBR will pass the authentica- 
tion credentials through to the 
operating system log-in. Once 
authenticated, the user should 
see no noticeable degradation 
in service. The idea is that 
we'll configure the agent and 
place it on one of our intranet 
Web pages. Users who need 
or simply want to use full-disk 
encryption will contact the 
IT department and acquire 
the software and appropriate 
instructions. 





As with any global deploy- 
ment, we need to define a help 
desk support model. Pointsec 
accomplishes this with a Web- 
based tool that lets help desk 
administrators access a single 
management system to assist 
users in the event that they are 
locked out of a mobile device. 

One of the concerns was 
what to do when employees 
leave the company or when 
a laptop has to be reviewed 
as part of an investigation 
or other legal/HR matter. 
Pointsec (as well as the other 
products mentioned) offers a 
key-escrow functionality that 
includes the concept of a “god 
key” that enables the laptop 
to be decrypted by a trusted 
authority. In our company, that 
trusted authority will most 
likely be me. 

The next step in the project 
is to start a proof of concept 
to allow the team to become 
comfortable with the technol- 
ogy and to give us the oppor- 
tunity to test the software 
against our extremely dynam- 
ic environment. 

Unlike in financial services, 
health care and some other 
regulated industry, our users 
have all sorts of what I like 
to call funky applications 
installed on their laptops. For 
example, some engineers 
and developers have various 
debugging tools and employ 
multiboot environments, all 
of which will have to be tested 
at length. In addition, we are a 
global company, so we have to 
ensure that the product can be 
used on laptops with language 
packs or an operating system 
in another language. 

But I’m fairly confident 
that we will have a successful 
deployment and will soon be 
providing this disk encryption 
software to address the cur- 
rent and future needs of the 
company. ® 


WHAT DO YOU THINK? 


This week's journal is written by a real 
security manager, “Mathias Thurman,” 
whose name and employer have been 
disguised for obvious reasons. Contact him 
at mathias_thurman@yahoo.com, or joii: the 
discussion in our forurn: 
computerworld.com/forums 

To find a complete archive of our Security 
Manager's Journals, go online to 


| computerworld.com/secjournal 





www.computerworld.com 


RUN UI 


EXTRUSION 
DETECTION 





TRAINED IN THE ART 


OF NETWORK 
DEFENSE 





Find tools and guidance to defend your network at microsoft.com/security/IT 


» Free Tools and Updates: Streamline patch management » Antivirus for Exchange: 
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security with Microsoft Baseline Security Analyzer X s : 
» Learning Paths for Security: Take advantage of in-dept! 
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Adaptec Updates 0S 
For Snap Servers 


® Adaptec Inc. in Milpitas, Calif., 
has unveiled its new GuardianOS 
Version 4.0 operating system for 
its Snap Server line of network- 
attached storage (NAS) devices. 
The product features new Uni- 
code support, new eTrust anti- 
virus software from Computer 
Associates International Inc., an 
integrated 500GB virtual tape 
library and an easier-to-use 
graphical interface, according 

to the company. It also includes 
graphical RAID representation, 
Windows-to-Unix mapping of se- 
curity, user and group identifiers, 
and improved share creation and 
share security. The upgraded op- 
erating system is available now 
for $599 per Snap Server or is 
included on all new Snap Server 
NAS devices. 


Layton Releases 
Database Manager 


= Layton Technology Inc. in 
Tampa, Fla., has released Layton 
Database Manager. The product 
is designed to help manage Mi- 
crosoft Corp.’s free SQL Server 
2005 Express Edition and SQL 
Server 2000 Desktop Engine, 
according to Layton. Pricing 

is $795 per site license and 
$2,495 for an enterprise license, 
which includes 60 days of e-mail 
and phone support. 


TimeSpring Releases 
Data Protection Tool 


® TimeSpring Software Corp. in 
Newport Beach, Calif., has an- 
nounced the general availability 
of its continuous data protection 
product for Microsoft SQL Server 
2005. TimeData for Microsoft 
SQL Server allows users to re- 
cover from data loss, corruption 
or other issues within minutes, 
according to TimeSpring. Time- 
Data captures all changes to SQL 
Server databases in real time to 
an on- or off-site repository, 
allowing users to migrate real- 
time production data from SQL 
Server 2000 to SQL Server 
2005 without shutting down. 
Pricing starts at $1,295 for a 
single file server. 


TECHNOLOGY 


MARK WILLOUGHBY 
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A Cure for Storage 
Hardware Dependence 


‘TIZENS, like digital drug addicts, keep buy- 
ing ever-larger fixes of storage for all the high- 
definition content on the planet. But back at 
the knowledge ranch, weird science is going to 
help us kick the storage habit and the hardware 

economics that keep us addicted. 


Consider that corporate 
data storage is exploding at 
a 60% annual clip, driven 
by the need to meet regu- 
latory compliance dictates, 
keep full-motion video on- 
line and support ever-in- 
creasing amounts of analy- 
sis and correlations for 
that elusive competitive 
advantage. Small wonder 
that the incessant demand 
for storage means stor- 
age revenue grows almost 
twice as fast as that of the 
lowly server segment. 

These halcyon days of 
hardware-dominated storage can’t 
last. Current storage costs depend on 
the economics of hardware. Hardware 
factors such as magnetic and optical 
densities determine how much intel- 
ligence is needed in controllers, how 
to optimize redundancies and how to 
engineer expansion. Optimizing hard- 
ware will never remove storage bottle- 
necks for users pushing the limits of 
system performance defined by more 
hardware. 

The future of storage lies in kicking 
the hardware habit. The storage equa- 
tion must be inverted, with smarter 
software processing the information 
before it ever sees hardware. The brave 
new world of storage economics re- 
quires very intelligent software with 
new algorithms that automate data 
compression before it’s sent to the stor- 
age farm. 

Entrepreneurs without a stake in 
the existing world order are moving 
beyond the rules of data communica- 
tions and storage laid down by Claude 
Shannon in 1948. Shannon, dubbed the 
father of information theory, said that 
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data is a collection of bits 
and bytes that have no in- 
trinsic value and are mere 
commodities to be moved 
and stored. 
With the economics 
of storage, we know now 
that information has in- 
trinsic value. Patterns and 
knowledge do in fact exist 
in Shannon’s random col- 
lection of bits and bytes. A 
huge marketplace is wait- 
ing to form around the no- 
tion that information can 
be ordered, the similarities 
removed, and only the dif- 
ferences stored. Imagine the savings. 
Focusing on the changes is a proven 
methodology today, used in display 
and presentation algorithms like Flash 
and AJAX. By sending only the parts 
of the display that change, we can save 
huge amounts of communications 
bandwidth and push system bottle- 
necks back into the storage quagmire. 
A promising theoretical fix to the 
hardware-based economics of storage 
is autosophy (www.autosophy.com), 
invented and marketed by a small 
San Francisco-based research firm of 
the same name. The word autosophy 
comes from the Greek words auto 
(self) and sophia (knowledge or wis- 
dom), and its inventors call it the new 
science of “self-assembling structures. 
Autosophy is based on algorithms 
that selectively acquire knowledge 
from information and data in random 
environments. This acquired knowl- 
edge grows complex data constructs 
without human intervention. Exam- 
ples of self-assembling structures 
in nature include trees, crystals and 
even complex societies like beehives 


” 


| and ant colonies. 

Here’s how autosophy is going to 
cure our storage addiction. It starts 
with the concept of an “engram” — a 
unit of knowledge. Knowledge can 
be learned only once. You can’t learn 
what you already know, and repeating 
what the receiver already knows adds 
no knowledge. Efficient communica- 
tions send only engrams, telling receiv- 
ers what they don’t yet know and thus 
omitting all the background informa- 
tion already known or acquired. Focus- 
ing only on engrams obviously yields a 
huge economic benefit by eliminating 
all the transmission and storage of re- 
dundant information. 

A second key to the autosophy con- 
cept is an address token called a tip. 
Unlike the monetary reward for good 
service, an autosophy tip is the address 
for an engram. In video communica- 
tions and storage, each tip could repre- 
sent that part of a frame that changed 
— the engram of new information that 
moves the action in the video. The 
| variability of an engram eliminates any 
relationship between information and 
| data volume — a tip can represent any 
amount of data, from a letter to an en- 
tire book or video. 

The last part of your autosophy 
primer is the completed whole, or 
“hyperspace knowledge library.” This 
new type of data construct must be 
identical in both the transmitter and 
receiver, just like in parity-controlled 
traditional data storage and communi- 
cations. Autosophy communications 
becomes more efficient as the hyper- 
space knowledge library grows and 
assembles. It can be shared prior to 
transmission or self-assembled from 
the tip codes during transmission. 

Among humans, the hyperspace 
knowledge library analog is that people 
without much knowledge communicate 
less efficiently than experts with a great 
deal of knowledge, or engrams must be 
in short supply in Washington. ? 
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YOUR JOB IS TO KEEP SYSTEMS AND APPLICATIONS RUNNING. 
OUR MISSION IS TO KEEP PEOPLE AND INFORMATION CONNECTED. 
LET’S WORK TOGETHER. 


Continuous access to information no matter what. That’s 
Information Availability. It's what your employees, suppliers and 
customers demand every minute of every day. But to deliver it 
flawlessly, you need a massive global infrastructure, redundant 
systems and diverse networks being monitored and supported 
by skilled technical experts at secure facilities. That’s exactly 
what SunGard provides. 


As a result, we can offer you a higher level of availability and 
save your company, on average, 25% versus buil ding the 
infrastructure yourself. Plus, it’s a vendor neutral solution that 
lets you control your data,applications and network while giving 
you the flexibility to adjust to the changing needs of your 
business. But best of all, it lets you spend more time solving 
business problems and less time solving technical problems. 


For years, companies around the worid have turned to 
SunGard to restore their systems when something went 
wrong. So, it’s not surprising that they’re now turning to us 
to mitigate risk and make sure they never go down in the 
first place. 


You want your network and systems to always be up and 
running. We want the same thing. Let’s get together. To 
learn more, visit www.availability.sungard.com or call 
1-800-468-7483. 


SUNGARD sc tralecanias 
vailability Connected.™ 


ne ees Ensuring information Availability: 
Aligning Customer Needs with an Optimal Investment Strategy. 





REMEMBER WHEN TECHNOLOGY 
HAD THE POWER TO INSPIRE YOU? 


BELIEVE AGAIN. 


Once, technology transformed business in a way that made us believe its potential was boundless. But over 
time, the promise of IT was challenged by sheer complexity. Today there’s reason to believe again. 
Computer Associates (CA) introduces an approach to managing technology called Enterprise IT Management 
(EITM). With the range of software and expertise to unify systems, processes and people across the enterprise. 
Simplify the complex. And enable IT to deliver fully and securely against your business goals. With CA software 
solutions, you can reach a higher order of IT. At your own pace, on your own path, with your existing technology 


and partners. To learn more about EITM, and how CA's new solutions can help you unify and simplify your IT 


Oe 


environment in a secure way, visit ca.com/unify. 
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Working Through the Pain 


Many IT groups that have sent work 
offshore have been disappointed, but 
some stuck with it, learned from 
their mistakes and forged valuable 
long-term relationships with offshore 


vendors. PAGE 46 


BY MARY K. PRATT 


Keith R. Thode’s clients needed 
help, and fast. So he loaded up his 
car with two volunteers and a variety 
of equipment and hit the road, driving 
from his Dallas office right into a disas- 
ter zone. 

Thode, chief operating officer at Aid- 
matrix Foundation Inc., was among the 
hundreds of people who raced south 
to help after Hurricane Katrina. But 
instead of handing out food or admin- 
istering first aid, Thode helped get es- 
sential relief-related IT systems up and 
running. “In a time of crisis, we had to 
be there,” he says, citing Aidmatrix’s 
mission. The nonprofit foundation 
develops Internet-based software to 


help humanitarian organizations better 
manage supplies. 

Hurricane Katrina tested many 
people’s ability to work under the gun. 
Front-line relief workers handled the 
most publicized challenges, but IT 
practitioners dealt with unusual and 
pressure-filled job demands. 

The circumstances around Katrina 
might seem unique, but many tech pro- 
fessionals occasionally find themselves 
working in extreme conditions, trying 
to establish networks or troubleshoot 
applications far from the comforts of 
their offices. Such situations make for 
good stories, but they also provide im- 
portant pointers on how to work more 


Career Watch 


A proposal for a new onshore 
model for business process 
outsourcing; the happiness 
of IT workers; and proposing 
changes to the computer sci- 
ence curriculum. PAGE 51 





OPINION 


effectively in everyday situations. 
Here are some IT lessons learned in 
extreme conditions: 


Keep it simple. The U.S. Army uses 
commercial hardware and software 
when it sets up satellite connections 
in Afghanistan, Iraq and other remote 


| or hostile areas. Soldiers in the field 


can set up satellite communications in 
just a few steps, says Kevin Carroll, an 
Army program executive officer for en- 
terprise information systems based in 
Fort Belvoir, Va. They unpack and set 
up the equipment within 30 minutes, 
then need only to push a button to have 
the equipment search for a satellite for 
the actual transmissions. “We struc- 


| ture it to be easy to use,” Carroll says. 
| He explains that soldiers are trained in 


multiple disciplines, but most aren’t IT 
professionals, and the Army can’t rush 
experts to the scene every time a satel- 
lite link is needed. 

“We wanted something everyone 
could use with minimal training,” 
Carroll says. “What we need are very 
simple systems, not a lot of fancy bells 
and whistles. That differs from the 
commercia! market, where they want 
you to have all these new network op- 
tions and all these reports and all these 
fancy things that require you to have 
the tech guy.” 

Carroll says IT executives, whether 
military or corporate, should ques- 
tion whether they need such advanced 





Katrina Brought Out the Best in IT 

Bart Perkins congratulates a large group of IT 
vendors that joined forces to assist with relief after 
Hurricane Katrina. Rallied by the American Red 
Cross, they put aside competition and profit and 
put forth a highly effective team effort. PAGE 52 


| technology or whether their missions 
| could be met with simpler (and often 
| cheaper) equipment. 


Escalate suggestions to the next 
level. Good ideas get lost even under 
normal working conditions, so it’s easy 
to imagine how they could get over- 
looked in a crisis. Consider, for example, 
that the computers the American Red 


| Cross set up in Louisiana will be wiped 


clean when the work is done. Any new 
program installed on the fly, no matter 
how helpful, won't make it to the next 


| disaster zone, says Matthew Feeney, 


information systems manager at the St. 
Paul, Minn., American Red Cross chap- 


| ter and volunteer manager of the orga- 


nization’s Response Technical Team. 
So when a volunteer in Louisiana 
suggested using Microsoft Windows 


| SharePoint to prevent data loss, Feeney 


made sure the idea first went to the 
right people in headquarters, who then 
approved it. Sound like bureaucracy? 
Not quite, Feeney says. The process 
ensures that this good idea will be 
incorporated in future work. 


| Use personalities to your advan- : 


tage. Feeney’s staff in Louisiana was 
an odd mix of business and IT execu- 
tives, students and workers of every 
experience level. More important, 
though, Feeney found that these volun- 
teers had a mix of personalities, too. 
“You have your natural born leaders. : 
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Then you have people like me: I can 
lead, follow or step aside. And then you 
had others who were competent and 
fantastic but didn’t want to be respon- 
sible for making a decision,” he says. 
Feeney realized that as he was as- 
sembling teams, he couldn’t “have too 
many chiefs in one pile and too many 
people waiting to be told in another.” 
So he assigned people based on their 
personalities and their ability to work 
well together — rather than forcing 
everyone to get along all the time. 


Consider all personnel pos- 
sibilities. After Hurricane Katrina, 
Thode’s job was to scale and adjust 
Aidmatrix’s Internet-based software for 
use by Adventist Community Services 
and America’s Second Harvest - the 
Nation’s Food Bank Network. His work 
involved more than programming 
changes. He helped the agencies physi- 
cally set up their systems as well as 
install and run Aidmatrix software. 

So when Thode needed to connect 
Adventist’s computers to the Internet, 
he initially considered using his back- 
up long-distance dial-up Internet ac- 
count. But a better solution came from 
an unexpected place: an 82-year-old 
volunteer from Oregon, who handed 
him the local Louisiana EarthLink 
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MANAGEMENT 


| everything from age to how they come 

| off,” Thode says. But good managers 

| seek out expertise from all sources and 
then pull those people into the team. 


Foster a service attitude. It’s easy 
to forget relationships when work fo- 
| cuses on routers, servers and networks. 
But Thode can attest to the importance 
of building rapport among colleagues. 
“The relationships helped us get right 
to work,” he says. 

When he showed up at 1 a.m. ona 
Sunday outside a previously vacant 
facility taken over by America’s Second 


| Harvest, agency workers welcomed 
| 

the unexpected support. Work started 
immediately, despite the hour, and later 


that day, Thode was rolling out new 
systems and training agency staff. 

Thode says the seeds of such cooper- 
ation are sown well before a crisis. “It’s 
really an attitude you have to ingrain 
in your staff. So whether you're selling 
widgets or you have an IT department 
that supports a sale, take a service atti- 
tude,” he says. That approach will win 
points with clients, whether they’re 
signing a contract or queuing up for 
emergency supplies. 


Name a point person. Lt. Col. 





Mike Plummer commands the Army’s 





number — a number the volunteer had 
looked up before he left home. 

Thode later found another unlikely 
source of help. While setting up an 
emergency relief center in Texas, he 
learned that the pastor in charge had 
been a warehouse manager before at- 
tending the seminary. Having a team 
member experienced in the processes 
and procedures of warehousing proved 
invaluable. 

“People get overlooked based on 


67th Signal Battalion and oversees 
teams of IT workers who support field 
work. After Hurricane Katrina, his 
battalion deployed to Camp Shelby, 
Miss., to support relief operations, tak- 
ing with it data packages that included 
equipment needed for secure Internet, 
phone and network connections. 

“I can put [data packages] in the mid- 
dle of nowhere, power them and sup- 


port a customer,” Plummer says. In fact, 


just 25 hours after arriving, his troops 





IT WORKERS can put their skills to the 
test by volunteering their expertise. 

The American Red Cross welcomes volun- 
teers with specific professional proficiencies 
and will place them in assignments where 
they can flex that expertise, says American 
Red Cross spokesman Daniel Graver. 

Although all volunteers are welcome, 
Graver says, the relief agency specifically 
needs people with technical skills. “The stuff 
they do is superimportant,” he says, pointing 
out that IT volunteers frequently set up com- 
munication lines and computer networks in 


had set up a secure videoconference 
system that was capable of handling 
meetings between Camp Shelby and 
President Bush. 

Although the 67th Signal Battalion 
was deployed to support Army relief 
efforts, Plummer says his troops served 
civilian organizations as well. For ex- 


. . | 
ample, they supplied equipment and set 
| wrong, how to sustain strong points 


up civilian computers to connect and 
work through the Army’s network. 

Multiple customers can put extreme 
demands on staff, however, and that 
can slow down a job, Plummer says. 
“You might have [only] one person who 
knows how to operate that widget, and 
if that person gets interrupted every 
other minute, they can’t get their job 
done,” he says. 

To make sure competing demands 
didn’t distract workers, Plummer gave 
customers a place to vent — a point 
person who could handle complaints 
and questions — leaving other workers 
free to work. 


Employ “after-action reviews.” 
After his battalion’s deployment to 
Mississippi in September, Plum- 

mer says he realized he should have 
brought along the Computer Emer- 
gency Response Team, which monitors 
for intrusions and helps protect the 
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areas that have no other connections. 

Be prepared for the challenge. “Anything 
we're doing with communications and 
technology, you're working under extreme 
circumstances, you're working long hours, 
and you never know what you're going to be 
working on,” Graver says. 

{T professionals can contact their local 
American Red Cross chapters to sign up as 
volunteers. Local chapter information can be 
found at the organization's Web site, www. 
redcross.org. 

~ MARY K. PRATT 


Army’s network against them. 

To ensure that he doesn’t leave the 
team behind again, Plummer incorpo- 
rated the idea in the “after-action re- 
view,” sometimes called a postmortem 
in the corporate world. 

The Army writes up such reviews 
following exercises and deployments, 
outlining what went right, what went 


and how to fix mistakes. “Then you in- 
corporate that into any future training 
that you do,” Plummer explains. 


Be flexible. As Thode drove into 
Louisiana, he knew he might have to 
perform tasks outside his normal re- 
sponsibilities. Sure enough, his clients 
called on him for jobs that had nothing 
to do with his software expertise. He 
helped one volunteer choose a com- 
puter from an electronics store. And he 
drove 150 miles to get cellular modem 
cards for America’s Second Harvest. 
He handled tasks large and small 
with equanimity. “Understand that 


| rules and structure are there to support : 


you in achieving the mission,” he says, 
“but sometimes the base lines change.” ? > 





Pratt is a Computerworld contributing 
writer in Waltham, Mass. You can con- 
tact her at marykpratt@verizon.net. 
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After rocky starts, some U.S. clients are 
learning how to get better results offshore. 
BY THOMAS HOFFMAN AND PATRICK THIBODEAU 


SCHRHSHOSEESEHEEHEHSESEHSEHSEHSHEHESHEHHESEHESEHEHESEEEEHEHESEEEHEEESES 


IRST-TIME offshoring cus- 

tomers often encounter a 

rash of unexpected difficul- 

ties, such as lower-than- 

anticipated cost savings 

and the need to send IT 
managers overseas for extended peri- 
ods to resolve project problems. 

So serious are these issues that more 
than half of customers end outsourcing 
contracts prematurely, according to a 
recent survey. 

Nevertheless, some offshoring cus- 
tomers that have encountered problems 
with overseas engagements have stuck 
with their providers, learned from their | 
mistakes and applied the lessons to 
strengthen those relationships. 


Offshore Surprises 
Organizations that send some of their 
IT work overseas have to contend with 
all sorts of challenges, including time 
zone, cultural and language differences. 
As a result, dissatisfaction with 
offshore outsourcing is on the rise, ac- 
cording to two independent surveys of 
IT managers and businesses conducted 
earlier this year. 
Last spring, Chicago-based Diamond- 
Cluster International Inc. surveyed 
210 senior IT executives at Global 
1,000 companies and 242 executives 
at outsourcing service providers and 
found that over the previous year, the 
percentage of users satisfied with 
offshoring providers fell from 79% to 
62%. Even more telling was the number 
of customers who prematurely ended 





| domestic or offshere outsourcing 


contracts within a year: That figure 
jumped from 21% in 2004 to 51% this 
year. 

Several factors have contributed to 
dissatisfaction with offshore outsourc- 
ing agreements, says Tom Weakland, 
a managing partner at DiamondClus- 
ter. Fierce competition for top talent 
among offshore providers has led to 
increased employee turnover, and 


| the type of work that customers are 


sending overseas is becoming more 


complex. Both of these elements are 


leading to a rise in troubled projects 
and missed deadlines. 
Moreover, because the number of 


| offshore providers has risen dramati- 


cally, buyers are facing increased risks, 
such as the possibility of vendor finan- 
cial instability or the inability of new 
entrants to attract and retain top talent 
at low costs. 

And customers often underestimate 
the changes wide-scale outsourcing 
deals can entail. “You're talking about 
complex business change and transfor- 
mation,” Weakland says. 

It’s not surprising that Pricewater- 
houseCoopers reported similar results 
in a study released in September. The 
firm surveyed IT and business execu- 
tives at 156 financial services firms, and 
only half of the respondents said they 
were satisfied with offshore providers, 
citing problems with cost overruns, 
staff retention and cultural differences. 

But dissatisfaction doesn’t seem to 
be slowing the offshoring trend. In the 





PricewaterhouseCoopers survey, 74% 
of the respondents said they plan to in- 


crease their use of offshore contractors. 


While some dissatisfied clients have 
jettisoned their offshore agreements, 
others have hunkered down to learn 
from their mistakes. 

At one point in his career at Cable 
Scope Inc., Bret Brase worked with 
Indian outsourcing companies whose 
sales pitches would include the claim 
that they were able to do work while 
their U.S. customers were sleeping. But 
Brase discovered that following the 
sun isn’t all it’s cracked up to be. “The 
difficulty is that you need to collabo- 
rate,” and that’s a problem when one 
party is asleep, says Brase, now a part- 
ner at the New York-based provider of 
spot advertising for cable television. 

So when Cable Scope decided last 
year to modernize a 16-year-old auto- 
mated system that enables its custom- 
ers to buy and sell media content, it 
didn’t turn to India. Instead, it looked 
a little closer to home and asked Ar- 
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gentina-based Globant to put together 
a needs assessment, straighten out the 
business logic and revamp the system 
from its IT center in Buenos Aires. 

Although Cable Scope has benefited 
from being only two hours behind 
Globant’s IT workers, Brase and his 
colleagues still had a rocky road early 
on. “We weren't nearly as prepared 
as we should’ve been to manage these 
guys, and it’s going to cost us time,” 
says Brase. For example, on the front 
end of the system modernization ef- 
fort, the Globant team created a set of 
data prototypes that met Cable Scope’s 
requirements, says Brase. But when the 
Globant team developed graphical user 
interface (GUI) screens afterward, the 
information on the screens didn’t meet 
expectations. So he and other Cable 
Scope executives had to fly to Argen- 
tina for a few weeks to “pound through 
the communications,” he says. 

LESSON LEARNED: “We should have 
asked for detailed mark-ups [of the GUI 

Continued on page 50 
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TECHNOLOGY THAT GETS YOU 
“EVERYTHING’S 


[ — = 


IBM eServer xSeries 226 Express 


An entry-level 2-way server that 
offers the reliability and 
performance needed for day-to- 
day computing. Easy to set up 
and deploy, with access to all 
major system components. 


System features 


wo Intel® Xeon™ 
essors 3GHz/2MB 


ver with 


$1,639** 


(Other configurations as low as $1,229) 


IBM Finant 


IBM eServer xSeries 346 Express 
Help maximize performance and 
improve availability in a rack 
dense environment with 
Xtended Design Architecture” 
Includes Calibrated Vectored 
Cooling, an IBM innovation that 
helps increase uptime. 


System features 

Up to two Intel® Xeon™ 
Processors 3GHz/2MB 

Two-way 2U rack server 


Up to 16GB DDR2 meiviory 
using 8 DIMM slots with 
enhanced memory 


Limited warranty 
3 years on-site 


$3,315°* 
(Other configurations as low as $2,219) 


IBM Financing Advantage 


$93 


IBM TotalStorage DS300 Express 


IBM eServer xSeries 260 Express 


IBM's newest third-generation 
Enterprise X-Architecture 
server. Designed for companies 
looking for database, e-mail, 
Web/e-commerce or consolidated 
application serving. 


System features 


Up to four 64-bit Intel® Xeon™ 
Processors MP, up to 3.66GHz 


Four-way tower or 7U rack 
capability 


Up to 3.6TB hot-swappable 
SAS (serial attach SCSI) 
hard disk storage 


Up to 64GB of memory with 
advanced memory protection 


Limited warranty: 3 years on-site 
$5,399** 
(Other configurations as low as $4,599) 


IBM Financing Advantage 


$151 


System features 


This entry-level, cost-effective iSCSI host- 
attached storage system utilizes your existing 


network infrastructure to deliver advanced 
functionality. Provides an exceptional SAN 


Support for up to 14 


Ultra320 SCSI disk 


storage solution with xSeries servers for 


e-mail/file/print. 


$6,455°* 


(Other configurations as low as $2,995) 


IBM eServer BladeCenter HS20 Express 
Offers extreme flexibility and 
scalability, plus it helps to 
consolidate and simplify your 
infrastructure. Helps reduce 
power consumption and save 
valuable floor space. 


System features 


Up to two Intel” Xeon™ 

Processors 3.20GHz2/2MB 
Up to 14 blades per chassis 
Supports both 32 


and 64-bit applications 


$2,899** 
(Other configurations as low as $1,669) 


IBM Financing Advantage 


$81 


IBM Financing Advantage 


$180 





USED TO SAYING: 
UNDER CONTROL? 


IBM Express Servers and Storage™ for mid-sized business. 


Know an IT. person who doesn’t like to hear that “everything's under control”? 
We don't. That’s why we offer an innovative management tool called IBM 
Director that can alert your |.T. people to potential problems up to 48 hours in 
advance! 


And our Calibrated Vectored Cooling on select xSeries® servers helps cool your 
systems more efficiently. Packing more servers into a single rack. Helping to 
save space, energy, money. 


With IBM Express, innovation comes standard. That's true for servers, storage 
and printers. Your local IBM Business Partner can tell you more. And remember, 
you can keep your technology current while helping to reduce costs — through 
IBM Global Financing. 


Excited? No need to control yourself. Get started today. 


Save time. Save costs. Save the day! (Optimize your I.T.) 


ibm.com/systems/innovate1 
1 800-IBM-7777 


IBM TotalStorage DS400 Express System features 


Exceptional entry-level solution for workgroup 3U rack mount entr 

storage needs. With advanced functionality, two controllers 

the DS400 supports xSeries servers and 2GB Fibre Channel storaa¢ 

utilizes hot-swap Ultra320 SCSI drives for area network (SAN) 

high reliability. mete sae ors as 
$8,495** IBM Financing Advantage 

(Other configurations as low as $4,995) $237 per t 
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MANAGEMENT 


“We experienced a 
learning curve and a 
cultural learning period. 


TIM BRENNAN, DIRECTOR OF INFORMATION SYSTEMS, UNITED STATES COLD STORAGE INC. 


SCOHSSSSHSHSSHSHSHSSESHESESHESSEHSEHSSESESHESHSEHHEHSESSHHOEHEEEHESEOES 


Continued from page 46 

screens] because a picture is worth a thou- 
sand words,” says Brase. “Business own- 
ers often can’t describe what they want 
until they’ve seen it.” 

Because the Globant team is work- 
ing efficiently, Brase estimates that the 
project should be finished within 14 
months, or one month later than ex- 
pected. 

Now, Cable Scope is looking to hire 
someone to oversee all of its key proj- 
ects and essentially act as the IT liai- 
son to companies like Globant. 

LESSON LEARNED: Never underestimate 
the time or resources needed to manage an 
offshore contract. 

In addition to communication prob- 
lems, lower-than-expected cost savings 
can also disappoint novice offshore 
outsourcing customers. Part of the 
problem is that many new customers 
buy into the hype that they’re in for 
huge savings, when offshore vendors 
tout development rates of $15 per hour 
while $90 is common in the U.S. 





But those per-hour charges are only 
the tip of the iceberg, says Lee Jones, 
CIO at Stratex Networks Inc. in San 
Jose. That’s because many clients of 
offshore contractors fail to account 
for time zone differences and project 
delays that lead to extra travel for the 
customer, says Jones. As a result, actual 
costs can end up being closer to $45 an 
hour, he says. 

LESSON LEARNED: Time and travel 
equal money. 


The Quality Quandary 
The quality of code is another sticking 
point. Jones, who uses offshore devel- 
opers for special projects to supplement 
his own internal IT department, says 
code produced offshore doesn’t neces- 
sarily meet domestic standards. 

“There is a difference between 


| people who can code and people who 


can write production code,” says Jones, 
explaining that someone writing code 
for a production application should be 
able to ensure that the code has the 





ability to “fail gracefully” when it runs 


| into trouble. 


To address that issue, Jones has 
learned to put together detailed coding 
specifications for vendors, along with 
rigorous acceptance criteria for the 
code that’s produced. 

LESSON LEARNED: Make your needs 
extremely explicit. 

Security is another concern. Brian 
Chess, chief scientist and security 
researcher at Fortify Software Inc. in 
Palo Alto, Calif., says he’s seen code 
written by offshore providers that 
could potentially expose customer 
records. 

“If you don’t ask [offshore providers] 
to pay attention to security, they don’t 
think about it,” he says. “The code that 
I look at from a security standpoint is 
just awful.” 

LESSON LEARNED: Assume nothing. 
Detail all security requirements. 

For five years, United States Cold 
Storage Inc. has been building a suc- 
cessful relationship with Cognizant 
Technology Solutions Corp., a devel- 
oper based in Teaneck, N_J., that has 
teams in the U.S. and offshore. It began 
with a project to connect all of U.S. 
Cold Storage’s warehouses over a WAN 
using Web programming tools. 

Since the initial collaboration in 
2000, the Cherry Hill, N.J.-based pro- 
vider of refrigeration warehousing and 
logistics has since tapped Cognizant 
to maintain its IBM AS/400-based 
warehouse management system. It’s 


Any dissatisfaction that users may feel about 
sending IT work abroad is not hurting the 
broader offshoring trend. For example, New 
Jersey-based offshore developer Cognizant 
Technology Solutions recently reported that 
its fourth-quarter revenue increased 45% to 
roughly $252 million. Its employee growth 
rate is similar to that of many cther offshore 
firms: it has 23,000 employees today; last 


year, it had 14,000. 
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also integrating radio frequency identi- 
fication technology into the company’s 
existing electronic data interchange 
and warehouse management systems, 
says director of information systems 
Tim Brennan. 

“We experienced a learning curve 
and a cultural learning period,” says 
Brennan. 

“We were pretty intuitive, and I felt 
strongly that [Cognizant] had to be 
part of the IT team,” he explains. 

So Brennan visited the Cognizant 
offices in Chennai and Bangalore in 
January 2000, and he and other execu- 
tives at U.S. Cold Storage encouraged 
the Cognizant team members from 
both the U.S. and India to visit its 
plants in California, Illinois and Texas 
to gain a better understanding of its 
business. 

“They were an amazingly quick 
study,” says Brennan. “They were up 
to speed and coding within a couple 
of months, which is amazing given the 
complexities of our business.” 

LESSON LEARNED: Taking time upfront 
to get a head start on the learning curve 
pays off on the back end. 

The more U.S. companies deal 
with offshore outsourcers, the more 
complex and demanding the relation- 
ships prove to be. But among the many 
lessons to be learned from offshore 
experiences is that, like any vendor 
relationship, offshore partnerships 
need time, resources and patience to 
develop properly. » 
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in a nutshell, what is your proposal, and 
what do you hope to accomplish with it? 
To use full-time undergraduate and graduate 
students to support business services that 
currently are being offshored. Laid-off work- 
ers, augmented by “active” corporate workers, 
would serve as mentors, project managers or 
project leads to ensure that work done by stu- 
dents is of equal or better quality than what is 
done by offshore vendors. 

The offshoring of high-tech work threatens 
to weaken U.S. leadership in technology 
and innovation and has serious implica- 
tions for national security and the privacy of 
sensitive information. It puts a downward 
pressure on wages that will likely discourage 
many of America’s best and brightest young 


people from pursuing careers in science and 
engineering. Offshoring has contributed to 
approximately 1.4% unemployed in manage- 
ment, professional and related occupations, 
service occupations, and sales and office 
occupations. This percentage will [increase 
incrementally] in years to come. The proposal 
should reasonably address some concerns 
facing the nation. 


You've been in touch with some mem- 
bers of Congress. How can they help 
this plan materialize? Since this issue is 
national in scope, | have requested guidance 
from congressional officials, in particular 
senators for economic development. Federal 
grants will be needed to help implement the 
model, as well as provisions in legislation that 
would lower operational costs for the com- 
panies that administer the program. Jointly, 
these two factors will enable the strategy to 
evolve and grow. 


Who would administer such programs? 
Universities, or the companies that 
hire the students? U.S. companies and 
universities would form joint ventures, and a 
third party would serve as liaison, employing 
the students and providing management pro- 
cess and controls. This liaison between the 
universities and their client companies will be 
a for-profit U.S. corporation eligible for grants 
from the government and advised by repre- 
sentatives from government, the companies 
and the schools. 

The way | see it is that this is an onshore 
alternative that, if done correctly, can support 
business processes and produce software 


higher in quality for the same price as offshoring. 





For more on Chebbi’s onshore BPO proposal, 
download the PDF at http://deepakchebbi. 
com/a-bpo.pdf. 
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A Course in Innovation 


PLUMMETING ENROLLMENT in computer 
science programs has led to a call for a new cur- 
riculum by the Education Board of the Association 
for Computing Machinery. This curriculum would 
give innovation a more prominent role as a way to 
improve both the image and appeal of computer 
science. 

Writing in the November issue of Communications 
of the ACM, Education Beard co-chairman Andrew 
McGettrick and past ACM president Peter J. Den- 
ning say that the public associates computer science 
with programmers, and in recent years. the definition 
of programmer has narrowed to mean “coder” and 
not someone concerned with the broader issues of 


the design, development, testing, debugging, docu- 
mentation and maintenance of software 

McGettrick and Denning argue that innovation is 
something that can be taught. They stress that it isn’t 
just the invention of novel technologies but can also 
take the form of new processes, new functionality 
and new business models. They propose embed- 


: ding “the foundational practices of innovation into 


the curriculum, so that students learn innovation by 
doing, without necessarily being aware they are en- 
gaged with systematic processes.” The curriculum 
begins with the study of great innovations. There is 
also a notable lack of math in their proposed first- 
and second-year course work. 


ANEW COMPUTER SCIENCE CURRICULUM 
Innovation themes proposed for freshman and sophomore computer science courses by 


Andrew McGettrick and Peter J. Denning: 


FIRST-YEAR AND MODULES 
= Programming and multimedia 

& Great innovators in computing 

= Computers in support of space travel 

® Building your own computer 

= Securing your computer 

= Robots 


Is Your a 
Great Place to 


SECOND-YEAR COURSES AND MODULES 


= Building search engines, other software tools 
= Great innovators in computing 

= Forensics 

= Puzzles and logic 


= The Web and digital libraries 


= Computer graphics and animation 


If your IT department offers great benefits, 
competitive salaries, opportunities for train- 
ing, and access to interesting projects - then 
make sure your company is recognized. Com- 
puterworld is conducting its 13th annual Best 
Places to Work in IT survey, and we need your 
help. Our special report will recognize the 100 
companies that offer their IT staffs the most 
challenging and satisfying work environments. 


My 


TO NOMINATE YOUR COMPANY, GO TO: 
.computsrworld.com/bestplaces2006 
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Katrina Brought Out 


The Best of IT 


URRICANE KATRINA was the worst natural disaster in 
U.S. history. It displaced more than a million people and 
created a federal disaster area covering 90,000 square 
miles. Its effects were unprecedented, but the response 
from the IT industry was powerful. Working through the 
American Red Cross, the industry donated tens of millions of dollars in 


cash, products and services. 


Companies also sent thousands of vol- 
unteers into the area to support relief ef- 
forts. This is the story of one disaster re- 
sponse effort that had enormous impact. 

Katrina hit New Orleans on Monday, 

Aug. 29. The magnitude of the disaster 
increased significantly on Tuesday when 
the levee broke and the flooding began. 
Steve Cooper, CIO at the American Red 
Cross, realized that the response effort 
required would be enormous. He knew 
that the capacity of his IT organization, 
while extensive, would fall short of what 
was needed, so he asked the CIOs at his 
major IT suppliers to meet at Red Cross 
headquarters in Washington. 

On Thursday, Sept. 1, 60 executives 
from 27 organizations attended the 
meeting on one day’s notice, and all of 
them offered help. The participating 
companies included giant vendors and 
small suppliers spanning the industry 
(see www.redcross.org/sponsors/helping.html). They 
agreed to contribute cash, products, services and 
people to the relief efforts. 

At the initial meeting, three things happened that 
were critical to the success of the effort. First, Cooper 
asked the companies to put aside industry competi- 
tion and focus on helping the victims. They did. Sec- 
ond, Cooper admitted that he didn’t have the resourc- 
es to respond sufficiently and asked for help. Several 
attendees stated their admiration for his candid and 
timely request for help. Often, they said, people wait 
too long to ask for assistance. Third, the Red Cross 
asked the group to formulate a plan together, instead 
of mandating a particular solution. 

By late Thursday, the group had come up witha 
relief strategy, and by Saturday — just five days after 
Katrina hit — multicompany teams began work on 
the following major IT projects: 

SHELTER SERVICES. One team developed a system 
to register and track people in shelters. This was 
not straightforward, since shelters were created in 
multiple locations (schools, churches, hotels and 





public buildings) and opened and closed 
in response to changing demands. Intel 
and Cisco led the team that donated and 
installed a standard communications kit 
at each site, including PCs, VoIP phones, 
wiring and supporting infrastructure. 
These kits served as phone banks and 
computer centers for each shelter, en- 
abling survivors to communicate with 
family members. 

FINANCIAL ASSISTANCE. Normally, the 
Red Cross sends response teams into di- 
saster areas to physically give debit cards 
to victims, but the devastation wrought 
by Katrina precluded this approach. In- 
stead, the financial assistance team, led 
by Avaya and SBC, constructed a Cali- 
fornia call center where survivors could 
register and have funds wire-transferred 
to a Western Union office. The 400-seat 
call center was created in one week and 
handled a large call volume daily. 

THE “FAMILY LINKING” INFORMATION DATABASE. 
More than 50 uncoordinated Web sites sprang up af- 
ter Katrina in an effort to identify victims and reunite 
families. Microsoft, Yahoo and Google worked to- 
gether to develop a system to crawl the Web to search 
these sites. Then they created a central repository, 
KatrinaSafe.org, to enable family members to connect 
with one another. IBM and the San Diego Supercom- 
puter Center developed the sites’s back-end matching 
program to remove redundancies and make the re- 
maining entries as unambiguous as possible. 

INFRASTRUCTURE. This team provided the technol- 
ogy underpinnings that enabled the other teams to 
operate effectively. It expanded the network capacity 
of the Red Cross by 400% in two days, enabling effec- 
tive communication among volunteers, suppliers, shel- 
ters, and Red Cross field operations and headquarters. 
Additional efforts expanded existing Red Cross sys- 
tems to collect contributions and register and screen 
volunteers. 

For a month, these multicompany IT teams worked 
long hours to help the victims. Fortunately, each of 


the companies involved had executive management 
that actively supported the projects. This enabled 
the various teams to divert their companies’ goods 

| and services to the relief efforts without red tape. 
(For team reports and photos, visit www.wirelessfort. 
net/blog and http://spaces.msn.com/members/ 
edfaulkner/) 

Several key lessons have emerged from this effort: 

The private sector has an important role to play in 
disaster preparedness and disaster response. U.S. 
citizens expect government and relief agencies, in- 
cluding the Red Cross, to lead these efforts. However, 
the private sector has the ability to move quickly, the 
necessary key skills and the desire to provide disaster 
assistance. 

The U.S. needs a powerful public/private alliance 
that can be activated during times of national emer- 
gency. It’s only a matter of time until the next hur- 
ricane, earthquake or pandemic, such as the bird flu, 
hits. It’s much easier to get cooperation from people 
you already know. Cooper contacted companies 
that were already providing products and services 
to the Red Cross. Now that an ad hoc IT disaster 
response group has been formed, a more permanent 
partnership can be established in anticipation of fu- 
ture situations. 

Good communication is critical to successful 
disaster response efforts. At times, communica- 
tion among volunteers, government relief workers, 
government agencies and the Red Cross broke down. 
This resulted in extra field work and occasional 
missed opportunities to help victims. The impor- 
tance of communication is often underestimated 
because people assume it will happen naturally. But 
the scale and scope of communication channels often 
demand more attention than anticipated. 

The post-Katrina finger-pointing was almost as bad 
as the hurricane itself. Local, state and federal of- 
| ficials all blamed one another for not being prepared 
and not responding quickly enough. In contrast, the 
IT teams cooperated superbly and produced excel- 
lent results. Relief team members experienced strong 
camaraderie, were proud to be part of the efforts and 
described their participation as a deeply rewarding 
personal experience. 

This column salutes the IT industry for reach- 
ing far beyond the walls of competition to serve the 
victims of a terrible disaster. Thank you all for your 
outstanding collaboration and for leveraging your 
expertise to make an important difference in so 
many lives.» 


WANT OUR OPINION? 


For more columns and links to our archives go to 
www.computerworld.com/columns 











Simplify your |.T. and your business. IBM servers and storage are designed to 
help you do just that. Take the IBM TotalStorage” DS4100 Express with DACstore. 
It can help you reconfigure or add capacity while staying up and running. 
No need to stop to reset drives. 


Because with IBM Express, innovation comes standard. That's true for servers, 
storage and printers. What's more, you can keep your technologies current 
while helping to reduce costs — through IBM Global Financing. 


All things considered, an I.T. hero deserves nothing less. 


MEET 3 HEROES IN THE BATTLE AGAINST I.T. COMPLEXITY. 
YOURE THE 4TH. 


IBM TotalStorage DS4100 Express 


(Other configurations as low as $6,599) 
IBM Financing Advantage 
y $206): 


Learn more about 

our full range of 

IBM Express products 
IBM eServer OpenPower 720 Express IBM TotalStorage 3580 Express and find the 

IBM Business Partner 

néar you. 


apy 
systems/innovate2 
wd 1 800-IBM-7777 


$9,774* IBM Financing Advantage 


IBM Financing Advantage $164 
$273 





MARKETPLACE sat 


“Stupendous...the juxtaposition of text, sound and picture 
was masterful. The quality of both sound and graphics 
was first rate.” The Boston Globe 


eee COM ee lat 
a language. Guaranteed. 


Great Holiday Gift Idea 


SAVE 
10% 


Your Price 
Level 1 CD-ROM .....$195- $175.50 
Level 2 CD-ROM ....$225- $202.50 


— oa 
| Ai ~ 
en eens BEST VALUE! 
Fe Level 1&2 Set .....$328° $296.10 
oa — . Personal Edition. Solutions for organizations also available. 


Award-winning software successfully used by U.S. State Department . 
diplomats, Fortune 500° executives and millions of people worldwide. Call today or buy online 
for a 10% discount. 


Finally, a different approach that has millions of people talking. Using RosettaStone.com/cws125 
the award-winning Dynamic Immersion™ method, our interactive software 1-888-232-9198 
teaches without translation, memorization or grammar drills. Combining Use promotional code cws125 when ordering. 
thousands of real-life images and the voices of native speakers in a step-by- os 
step immersion process, our programs successfully replicate the experience , : 
of learning your first language. Guaranteed to teach faster and easier than Give the gift they'll talk about all year! 


any other language product or your money back. No questions asked. Rosett 








Rosetta Stone is available for learning , 
Language Learning 

Arabic * Chinese + Danish * Dutch « English « Farsi French * German * Greek * Hebrew « Hindi * Indonesian 

Italian + Japanese + Korean « Latin + Pashto « Polish + Portuguese * Russian * Spanish + Swahili » Swedish 

Thai + Turkish » Vietnamese + Welsh 


“Bottom line: dtSearch manages a terabyte of text in a single 


index and returns results in less than a second” — InfoWorld 
over two dozen indexed, unindexed, fielded data COMPUTERWORLD 
7 and full-text search options 
¢ highlights hits in —_, XML = POF, while . 6 a 
strain bmi.” | Marketplace Advertising S 
converts other file types (word processor, database, ar € p ace ve ising ection 
spreadsheet, email & attachments, ZIP, Unicode, 
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Spider supports static and dynamic Web content, a se . 
with WYSWYG hit-highlighting reaches more than 1.8 million IT decision makers ey 
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O” sure way to create a diverse workforce is to hire 
new information technology _ professionals. 
Nationwide, headquartered in Columbus, OH, is relying 
on high volume hiring to attract people of diverse 
experience, diverse background, diverse ethnicity and 
diverse gender. 


According to Randy Stevens, the Director of IT Recruiting 
for Nationwide, the insurance company has IT jobs 
across the country with larger-sized organizations in 
Columbus, OH, Des Moines, IA, Portland, OR, 
Sacramento, CA, Scottsdale, AZ and Austin, TX. 
Nationwide has better than 5,500 IT associates, and “we 
are increasing total people dramatically,” says Stevens. 
There has been a 48% increase in new hires over the 
past year — 17% of the new IT associates identified 
themselves as minorities and 29% were women. 


The majority of IT hiring is in the application 
development job family with titles ranging from senior 
developer to project leader. IT architects are also in 
demand as the company moves from its legacy system 
to an enterprise JAVA architecture. Nationwide 
defines itself as an information-centric company, 
and the IT organization makes up 29% of the overall 
company workforce. 


Sr. Application Software Engin- Sr. SAP Analyst. New Bruns- 


eer. Lawrenceville, NJ. Multiple 
openings. MS-Comp Sci or MIS 
+ 2 yr exp in job or as Systm 
Anlyst or Prgrammr Anlyst 
Dsgn, dvip & mdify s/ware 
systm, incl govt agncies’ AS-400 
Applictn, to automte environmnt! 
info prcess'g & rport’g systm: 
Rsponsib! for s/ware life cycle 
dvpt, incl dsgn, cod’g, test'g, & 
implemnt'g applictn undr 
Mcrosoft NET & J2EE; Dsgn & 
dvip reusabli library & applictn 
frmewrk runn'g on Java & .NET 
platfrm for cmpany’s systm 
solutn; Dsgn & implemt multi-tier 
ASP.NET & Java applictn for 
govt agncy to implemt a paper- 
less environmnt! cmpliance 
rport’g systm; Cnduct prformnce 
mdel’g & tun’g for applicatn. Skill 
must inc: S/ware/Applictn dvpt 
life cycle; Multi-tier architcture 
systm; AS-400 Systm, AS400/ 
RPG; C#/.NET, ASP.NET, Java. 
HTML, XML/XSLT, JavaScript 
Mcrosft Access, Oracle & SQL 
servr; NET & J2EE frmewrk 
Send resume to Mr. Huang 
EnfoTech & Consulting, 11 Prin- 
cess Rd, Unit A, Lawrenceville, 
NJ 08648 


Software Engineer needed w/ 
Masters or Foreign Equiv in 
Applied Math or Engg. or Comp 
Sci. & 1 yr. exp to analyze, dsgn 
dvip & test client-server & n-tire 
applic. using Java, J2EE, C++ 
Oracle, SQL Server, Sybase 
d/bases, JBoss, WebLogic, Ap- 
ache & MS IIS Web Servers 
Analyze architecture & specifi- 
cation dsgn for component 
based distributed transaction 
processing using J2EE JTA 
Customize existing packages. 
create screens using HTML 
DHTML, JSP, ASP JavaScript 
on MS Windows & UNIX. 1 yr 
exp as Programmer Analyst is 
acceptable. Mail resumes to: 
Triple Point Technology, 301 
Riverside Ave, Westport, CT 
06880. Job Loc. Westport, CT or 
in any unanticipated loc in 
U.S.A 


wick, NJ. MBA-Finance + 1 yr in 
job or as SAP Cnsultant. Apply 
knwidge of fnanciail anlys to 
cnvert businss reqmt into SAP 
solut'n for client. Cnduct feasi- 
bity study, estimat'n & prject 
apprais! us’g prject evalut'n 
techni. Anlyz businss scenario. 
Dsgn & cnfigur SAP R/3 in 
Finance (Fl) & Cost (CO) mdule 
Impimnt CO-Cost Cntr Acct'g 
CO-Prod Cost’g, CO-PP-Pi, & 
CO-Prfitabity Anlys. Integrate 
CO-PA w/ APO mdule. Asst in 
finalizt'n of techni architcture for 
SAP implemnt'n. Suggst mgmt 
wi! diffrnt intrface in cmpliance w/ 
Sstatutry rgulat’n. Rspnsible for’ 
Rsource Plan & excut'n; risk 
mgmt plan & mtigat’n. Skill must 
inc: Prject Mgmt; Businss Prcss 
Reenginr'g; SAP in FI/CO, Sale 
& Distrbtn, & Mterial Mgmt 
mdule; SAP R/3, C, MS SQL 
MS Visio, MS Project, Quick- 
Book, Quicken, Tally, Flash, Di- 
rector Shockwave, Win XP/NT, 
Unix. Send resume to HR, IT 
Trailblazers, 100 Jersey Ave 
Ste. B201, New Brunswick, NJ 
08901 


Sr. Member Technical Staff - 


tElectrical Engineer. Multiple 


openings. Thomson, Inc. seeks 
a qualified Hardware Engineer 
for its Indianapolis facility. The 
Hardware Engineer is responsi- 
ble for performing hardware 
design for next generation of 
DIRECTV, DVD, or DVB set top 
boxes. Must have a Bachelor's 
degree or equivalent in Elec- 
tronics, Communication or Elec- 
trical Engineering or related 
field plus 5 years of experience 
in position offered or 5 years of 
experience in Electronics & 
Communication Engineering 
development for high volume’ 
production. Salary and benefits 
commensurate with exp. Send 
resumes to Thomson, Inc., Attn 
Job #9013, 10330 N. Meridian 
St, Indianapolis, IN 46290- 
1976 
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Advertising Supplement 


IT Careers: The Diversity Challenge 


“Our CEO defines three to five 
strategic intents every year, and 
for 2005 one of these was 


increasing diversity of our 
workforce,” Stevens explains. 


“Traditionally, financial services 


or insurance companies have 


been more conservative — and a 
conservative approach to hiring 
is not to hire outside the box. 


But we believe it is a strategic 
imperative to do so if we are 
going to branch into areas 


we didn't even think of in 


the past.” 


Stevens says the company relies 


on a strong development process to keep new 
associates with Nationwide. 
low. The average tenure of IT associates with 
Nationwide is 10.3 years, compared to 2.5 years in 


rank each person against those competencies. 
The result is that we can identify where opportunities 
exist, identify gaps and help people move into 
those areas.” 


“Our IT turnover rate is 


the rest of the market. But that stability doesn’t limit 
your ability to grow. We are hiring and will continue 
to hire. Our formal development program helps us For more information about IT Careers advertising, 


continuously identify the competencies we need for 


please call: 800.762.2977 


the future, and then our associates and managers Produced by Carole R. Hedden 


MphasiS Corporation has multi 

ple openings for the 

positions at its offices 

York, NY, Memphis, TN and un- 

anticipated client sites through- 

out the U.S. 

1.Software Engineer - Analyze 
design, test & maintain 
software applications 

2.Project Manager - Plan and 
coordinate activities of 
software professionals 

3.Management Analyst - Analy: 
ze business process through 
application of software solu- 
tions. 

4.Sales Engineer - Marketing 
and sales of various Informa- 
tion Technology (IT) services: 
products. 

5.Business Development Man- 
ager - Determine demand for 
IT services/products and im- 
plement business plans. 

Must have Bachelor or Master or 

equivalent and prior experience 

in job offered or related field 

Travel required. Please send 

resume, salary history and posi- 

tion applied for to 460 Park Av- 

enue South, Suite #1101, New 

York, NY 10016, Attn: H.R. Man 

ager with Ref. CWIT02/1205. 


LAN/WAN Administrator, South 
Windsor, CT: Provide installa- 
tion, operation, maintenance of 
LAN/WAN, administration of 
network infrastructure, switch- 
es, routers, supporting hard 
ware, file, application, web. 
email, domain/servers, data- 
bases. Maintain control of net: 
work intrusion detection sys- 
tems; Firewall support, virus 
protection and data integrity 
maintenance. Perform back up 
maintenance, monitoring, trou- 
bleshooting, diagnostics, includ- 
ing component and system 
troubleshooting services for 
network equipment. Perform 
technological review of materi- 
als and evaluate upgrade 
Reply to: Credent Technologies 
LLC, 30 Brookfield Street, Suite 
A, South Windsor, CT 06074. 


INSURANCE 


They say it takes all kinds... 


And we agree. At Nationwide, it’s not about filling a position or hiring a person. 
It’s about embracing a personality; someone who has a mind for action, a 
unique perspective on things, and wants to put their natural talents to use. 


Nationwide Insurance, a $100 billion, top-five provider of auto, home, and 
commercial insurance and world-class financial services, is looking for IT 
professionals for our headquarters in Columbus, OH. 


If the words Java, mainframe, and middleware get your heart racing, a career in 
Information Technology (IT) could be for you 


Computerworld, Application Development Trend magazine and the Industry and 
Technology Council of Central Ohio have recognized our award-winning /T team 
locally and nationally for the great work they do. 


Executive IT Leadership 


Creates compelling strategies, fuels innovation, and works together as one. 


Application Development 


Develops cost-effective information technology solutions. 


Architecture 


Connects business strategy and implementation through an IT road map. 


At Nationwide, the focus is on success - yours and ours! You'll find opportunities 
to strengthen your experience through in-house technical training, professional 
development sessions, and mentoring programs. We offer highly competitive 
salaries and benefits, commensurate with experience. For consideration, 
candidates can email resumes to STEVER13@nationwide.com and 

reference 0501. EEO, M/F/D/V 


www.nationwide.com 


Nationwide’ 
On Your Side" 


Computerworld - December 5, 2005 
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SOFTWARE ENGINEER, Mul- 
tiple Openings. Job located in 
Newark, Delaware and various 
unanticipated client sites 
throughout the United States 
Research, analyze, design 
develop and implement soft- 
ware/systems applications in a 
client/server environment; will 
also design, implement and 
maintain various programming 
and operating systems; will work 
independently testing and devel- 
oping software/systems applica- 
tions in accordance with project 
specifications; will oversee sys- 
tems implementation and pre- 
pare project status reports and 
formal presentations as re- 
quired; will communicate project 
specifications effectively with 
project team. Minimum of a 
Master's Degree or equivalent in 
Computer Science, CIS, Engin- 
eering, Mathematics, Electron- 
ics, Business, Management, 
Technology or a related field 
required. In lieu of a Master's 
Degree, employer is willing to 
accept the equivalent to a U.S 
Bachelor's Degree with five (5) 
years of prior progressive pro- 
fessional experience in the posi- 
tion offered or a related position 
Position also requires extended 
travel and/or relocation. No prior 
professional experience neces- 
sary. Attractive compensation 
package. Mail resumes to 
American Solutions, Inc., Job 
#SE02, 100 Commerce Drive, 
Suite 103, Newark, DE 19713 


Principal Software Engr. Engr & 
develop enhancements to inter- 
active television product lines. 
Enhance video streaming con- 
trol module in VOD product line. 
Engr, develop products using 
C/C++, Windows NT, SQL, TCP/ 
IP, multithreading, Win32 plat- 
form, & UNIX to accomplish 
development objectives. Deploy 
applications using InstallShield 
Maintain software & provide 
third-level support. Analyze & 
report bugs & formulate Project 
issues. Automate source tree 
build tools using Perl. Work with 
mgmt & other functions to devel- 
op effective new ways to in- 
crease system reliability. Evalu- 
ate & improve documents, 
plans, code, requirements, & 
specifications. Lead other em- 
ployees on major component & 
whole product deliveries. Use 
knowledge of customers, mar- 
kets, & competitors to improve 
competitiveness. Master, Com- 
puter Engring. 6 mos. exp. in job 
or Related Occupation of GPS 
Software Engr. 6 mos. of Relat- 
ed Occupation exp. must include 
developing programs & applica- 
tions using C/C++, multithread- 
ed development on Win32 piat- 
form, automating source tree 
build tools using Perl, & deploy- 
ing applications using Install- 
shield, which may be concurrent 
with Related Occupation exp 
Send resumes to Laura Watson 
Human Resource Manager, 
SeaChange International, 124 
Acton St., Maynard, MA, 01754 


PROGRAMMER ANALYST, 
Multiple Openings. Job locat- 
ed in Newark, Delaware and 
various unanticipated client 
sites throughout the United 
States. Analyze, design, devel- 
op, modify and implement soft- 
ware/systems applications in a 
clienUserver environment; will 
alsc design, implement and 
maintain various programmin 

and operating systems; will 
work in a team environment 
testing and developing soft- 
ware/systems applications in 
accordance with project speci- 
fications; will also work under 
the close supervision of the 
project manager. Minimum of a 
Bachelor's Degree or equiva- 
jent in Computer Science, CiS, 
Engineering, Mathematics, 
Electronics, Business, Man- 
agement, Technology or a 
related field required; position 
also requires extended travel 
and/or relocation. No prior pro- 
fessional experience neces- 
sary. Attractive compensation 
package. Mail resumes to: 
American Solutions, Inc., Job 
#PA01, 100 Commerce Drive, 
Suite 103, Newark, DE 19713. 


SENIOR SOFTWARE ENGIN- 
EER, Multiple Openings. Job 
located in Newark, Delaware 
and various unanticipated client 
sites throughout the United 
States. Research, analyze, de- 
sign, develop and implement 
software/systems applications in 
a client/server environment; will 
also design, implement and 
maintain various programming 
and operating systems; will work 
independently testing and devel- 
oping software/systems applica- 
tions in accordance with project 
specifications; will oversee sys- 
tems implementation and pre- 
pare project status reports and 
formal presentations as requir- 
ed; will communicate project 
cifications effectively with 
team. Minimum of a 
Master's Degree or equivalent in 
Computer Science, CIS, Engin- 
eering, Mathematics, Electron- 
ics, Business, Management 
Technology or a related field 
required. In lieu of a Master's 
Degree, employer is willing to 
accept the equivalent to a U.S 
Bachelor's Degree with five (5) 
years of prior progressive pro- 
fessional experience in the posi- 
tion offered or a related position. 
Position also requires extended 
travel and/or relocation. Five (5) 
years prior professional experi- 
ence in software design and de- 
velopment necessary. Attractive 
compensation package. Mail 
resumes to: American Solutions, 
Inc., Job #SE04, 100 Commerce: 
Drive, Suite 103, Newark, DE 
19713 


SOFTWARE ENGINEER, Mul- 
tiple Openings. Job located in 
Newark, Delaware and various 
unanticipated client sites 
throughout the United States. 
Research, analyze, design, 
develop and implement soft- 
ware/systems applications in a 
client/server environment; will 
also design, implement and 
maintain various programming 
and operating systems; will work 
in a team environment testing 
and developing software/sys- 
tems applications in accordance 
with project specifications; will 
also work under the close super- 
vision of the project manager. 
Minimum of a Bachelor's Degree 
or equivalent in Computer Sci- 
ence, CIS, Engineering, Mathe- 
matics, Electronics, Business, 
Management, Technology or a 
related field required; position 
also requires extended travel 
and/or relocation. One (1) year 
prior professional experience in 
software design and develop- 
ment necessary. Attractive com- 
pensation package. Mail resum- 
es to: American Solutions, Inc., 
Job #SE01, 100 Commerce 
Drive, Suite 103, Newark, DE 
19713, 


IT Engineer 


Bucyrus International, Inc., a 
manufacturer of open pit mining 
equipment and machinery locat- 
ed in South Milwaukee, Wiscon- 
sin, is seeking an IT Engineer to 
perform the design, develop- 
ment, and testing associated 
with the implementation and 
maintenance of application soft- 
ware in a client/server and web 
environment using BaaN ERP 
and Oracle. Will also analyze 
and resolve complex technical 
issues related to development 
and support of client/server and 
web application and participate: 
in long range planning of 
Information Technology initia- 
tives that support strategic cor- 
porate goals. Requirements: 
Master’s degree in computer 
science, information technology, 
or related field OR bachelor's 
degree and five years of experi- 
ence designing and developing 
systems software or applications’ 
with BaaN or Oracle. Must have 
BaaN Tools Certification. Hours 
are 7:30 AM to 4:15 PM 
Interested candidates should e- 
mail a resume to lthoffa@ 

m or call Lisa Hoffa at 
(414)768-5348 


SAS is the market leader in pro- 
viding a new generation of busi- 
ness intelligence software. We 
invite you to join our Middleton. 
Massachusetts team in our op- 
ening for an 


APPLICATIONS DEVELOPER 4 
Position # 05002354 


Will lead in the technical design 
development and documenta- 
tion of complex software solu 
tions; coordinate/provide high- 
level technical support; oversee 
development-level testing of 
applications; verify, track, and 
troubleshoot and propose/im- 
plement design changes. Will 
also coordinate work with other 
departments or groups to ensure 
product integrity and technical 
depth and work with multiple 
hardware/database platforms 
during the development phase 
of software products 


Requires a Bachelor's degree in 
Computer Science, Engineering 
or a related field and seven 
years experience as a Software 
Developer, Sofware Engineer, or 
Systems Analyst. Must have 
demonstrated experience with 
object oriented principles, JAVA 
XML, JSP, Serviets, EJB, C++ 
relational databases and appli- 
cation servers 


SAS offers outstanding benefits 
and an innovative work/life pro- 
gram. To apply for this position, 
visit: www.sas.com. Indicate 
position title and position 
#05002354. EOE/AA Employer 
M/F/D/V. Drug-free environment 
screening required 


Computer/Info Systems 


Kanbay, Inc. (Rosemont, IL), a 
global systems integrator provid- 
ing solutions to financial ser- 
vices industries, is seeking 
experienced Project Managers 
(ref. #15A), and Lead Consult- 
ants (ref. #15B) to manage con- 
sulting teams and client relation- 
ships. Also seeking technical 
Architects (ref. #15C), Sr. 
Consultants (ref. #15D) 
Business Analysts (ref. #15E) 
and Assoc. Consultants (ref 
#15F) to design develop test 
and implement business sys- 
tems software applications. 
Please email resume to 
resumes@kanbay.com and ref- 
erence appropriate job #. No 
calls. Kanbay is an affirmative 
action employer/eoe organiza- 
tion. 


Cleveland Municipal Schoo! Dis- 
trict seeks a Database Manager 
in Cleveland, OH to lead a team 
of programmers and DBAs re- 
sponsible for implementing and 
supporting multiple database 
systems including Data Ware- 
house/Data marts, running on 
platforms Unix and Windows NT. 
Require Master in engineering 
management, computer engi- 
neering or a related engineering 
degree, and 6 months of exp. in 
writing advance PL/SQL code 
for stored procedures, functions 
and packages; all phases of the 
development of database appli- 
cations, including database cre- 
ation, front-end and reporting 
designing relational database 
models, dimensional data mart; 
development and maintenance 
of database systems on NT and 
UNIX. Email your cover letter 
and resume to Debra at 
Debra.L.Burke@cmsdnet.net 
EOE 


Software Engineers for Naper- 
ville, IL office. Design & Develop 
software using Oracle, Develop- 
er 2000, Designer 2000, SQL 
Server, DB2, J2EE, ASP, UML 
VB, .Net, C#, Windows, Unix 
and Linux. Masters or Equiva- 
lent** req'd in Computers, En- 
gineering, Math or any other 
related field of study + 1 yr of 
related exp. (**Eqv: Bachelors 
or Eqv. (academic + exp.) + 5 
yrs of progressive related work 
exp.). 40 hrs/Wk. Must have 
legal authority to work perma- 
nently in the US. Contact HR. 
Libsys, inc, 2020 Calamos Ct, # 
236, Naperville, IL 60563 


Software Engineer: Responsible 
for design and integration of 
software applications and com- 
pliance with security and system 
requirements. Support develop- 
ment and implementation on 
customer site. Prepare design 
documentation. Develop config- 
uration management plan for 
distributed team. Must have BS 
degree in computer science 
math, engineering field, eco- 
nomics or management field 
and 2 years of experience in 
Web Services, J2EE, Java 
Security, Visual Basic, SQL 
Perl, Clear Case, RUP and 
UML, DB2 and Oracle database 
design, UNIX advanced admin. 
istration. Job Site in Bellevue. 
WA. Pls send resume to nat'l 
office: Attn HR Mgr. (Job 
#ITLCO5) Luxoft USA 136 Sum- 
mit Ave. Suite 104. Montvale, NJ 
07645. 


Web Designer needed w/2 yrs 
exp to design, implement & 
maintain hypertext based pub- 
lishing site using authoring & 
scripting languages, create 
contents, manage tools & dig- 
ital media tools using VB- 
Script, Java Script, Java, 
JDBC & Adobe Photoshop. 
Maintain company's portal 
system & ensure access to the 
site tools. Design & prepare 
website functionality related to 
business application. Mail 
resumes to: P&K Jewelry, Inc. 
1201 Broadway, New York, NY 
10001. Job location: NYC 


Sr. Systems Admins: lead 
teams to deploy, install com- 
plex Java/J2EE apps on Sun 
Solaris, HPUX, Windows con- 
figure, support, fine-tune appis/ 
system arch; configure, admin- 
ister Webservers, Vertias, Sun 
Solaris OS, SUN Servers; 
define system procedure/accpt 
std; interact with clients; guide/ 
train team. Require: BS or for- 
eign equiv in CS or Engg & 5 ys 
progressive exp in systems 
admin. F/T. Comp salary. Trav- 
el. Resumes: HR, Opalsoft, 
Inc., 3150 Almaden Expwy, Ste 
205, San Jose, CA 95118. 


Multiple openings for IT profes- 
sionals by Z3 Technologies 
(Milwaukee, WI) to design and 
customize applications using 
Oracle, Sybase, SQL, C/C++, 
Visual C++, OOD, Java, Web 
Tech. Travel may be required 
Candidates must have MS/BS 
with exp. Contact info@ 
Z3technologies.com. EOE 
ARWANO, Inc. seeks S/W 
engineers, system analysts, 
DBAs using Oracle, SQL, VB, 
C/C++, SAP, AS/400, RPGLE, 
COBOL/400, CL, SQL/400, 
Query/400, VB, Java, Web- 
Logic/Sphere, etc. Min MS/ 
BS+1-5 IT experience. Travel 
maybe required. Apply at 
waseem@arwano.com, EOE 


Programmer Analysts for 
Charlotte, NC. Develop soft- 
ware using VB, Crystal 
Reports, Delphi, ASP, XML, 
Cooigen, Interwoven, Oracle, 
PL/SQL, Developer 2000 & 
Designer 2000.Bachelors or 
Equivalent req'd in Comput- 
ers, Engineering, Math or 
related field of study + 2yrs of 
related exp. Must have legal 
authority to work permanently 
in the U.S. Send resumes to 
HR Manager, Masterminds 
Global Solutions, LLC 2520 
Sardis Road N, Ste 234, 
Charlotte, NC 28227. 
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Computer Professional NJ 
based IT firm, Jr. Level Positions 
Programmer Analysts, S/ware 
Engrs, Sys Analysts, Database 
Admin's to develop, create, and 
modify general computer ap- 
plic'ns software or specialized 
utility programs. Analyze user 
needs & dviop s/ware solutions 
Sr. Lvl Position, IT Mngr, MIS 
Manager, ITS Director to plan 
direct, or coordinate activities in 
such fields as electronic data 
processing, information sys- 
tems, systems analysis, & comp 
programming. Apply w/ 2 copies 
of resume to H.R.D, Vaktech 
Corporation, LLC., 32 Sycamore 
Drive, Plainsboro, NJ 08536. 


Sr. Software Engineer 
needed to dsgn & dvip 
real time trade capture 
system for Global fixed 
income mkts. Integrate 
system w/OMS & Back 
office system. Resume 
to Comptech Associ- 
ates, Inc. Attn: Vikas 
Kapoor 1075 Easton 
Ave, Tower 1, Ste. 4, 
Somerset, NJ 08873. 


Sr. Software Developers 
to design & code software 
product components, de- 
velop, enhance, imple- 
ment & debug client/serv- 
er applications, & web ap- 
plications using Java & 
.NET technologies. Re- 
quired M.S.C.S or related 
field & 2 yrs exp. Send 
resume to S. Arseniev, 
V.P., Ref. # 99A20, 3307 
M St., N.W., Ste 200, 
Washington, DC 20007 


Programmer Analyst 


Accounting Firm requires skilled 
professionals for designing, 
developing &implementing both 
business and accounting soft- 
ware, skills desired 


Web technology (Java, JDBC, 
JSP, ASP). Servers (Weblogic 
Websphere, Apache, Tomcat) 
Windows networking 


Send Resume to 
Al Roberts, CPA 
503 Hathway Dr. 
Clinton, MS 39056 


ShellSoft seeks IT profession- 
als (programmer/system ana- 
lysts, software engineers, 
DBA), project engineers using 
Oracle, SAP, SQL, Java, C/ 
C++. Minimum requirement is 
MS or BS with 1-5yr IT experi- 
ence. Some positions require 
travel. Please send resume to 
jobs@shellsoftinc.com. EOE 


Knight Industry (Auburn Hills, 
MI) is looking for engineering 
manager-robotic application to 
oversee developing material 
handling automation robotics, 
interface with CNC. Must have 
BS+6yr exp in robotic automa- 
tion. Send resumes to 
sdybalski@knight-ind.com. EOE. 


EDS is looking for an Informa- 
tion Specialist Senior for its 
Cherry Hill, New Jersey location 
to define, document and exe- 
cute projects by identifying, 
assessing and managing risks. 
Requires Bachelor of Business 
administration degree in Man 
agement Information systems 
and one (1) year of experience 
in designing and maintaining 
health and welfare information 
and transactional web interface 
To apply, submit resume to 
Christopher Heslin. Manager - 
Communications Delivery 
Group, EDS, 101 Woodcrest 
Drive, Cherry Hill, NJ; in reter- 
ence to 1119-J. 


Systems Analyst NYC 
Neotecra a software consult- 
ing co, has openings for expd 
prof! to develop & analyze biz 
applis & assist in full life cycle 
proj w/WLI using Eclipse 
JBuilder, Rational Rose, XSLT, 
AJAX, JSF in heterogeneous 
environ. Integrate Struts & 
Hibernate framework & mi- 
grate ASP to J2EE environ 
Set up appin server w/ JMS & 
JDBC. We offer compet 
salaries & prof! work environ 
For immed consid send res to 
Neotecra Inc., 90 John St, 5th 
Fi, NY, NY 10038, Attn: HR 


Sr. Team Lead needed to 
provide team leadership 
for delivering dvipmt, test 
& production envrmts for 
impimtg critical corp bus 
systms. Responsible for 
gathering info tech reqmts, 
managing team, dvip tech- 
nology operations engage- 
ment model, s/ware dsgn 
& dvipmt. Resume to 
Global Consultants, Inc., 
Attn: HR-Hireme, 25 Air- 
port Rd, Morristown, NJ 
07960 


Computer 
Network 
Systems Analyst 


Send resume to: 
Needham Dental 
Corp., dba: Uni- 
versity Dental, 
847 San Pablo 
Ave., Albany, CA 
94706. 


ATTENTION 
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Tech Whiz? 
Knowledge Guru? 
You know that your 
performance impacts 
the customer? 


We're U.S. Cellular®, a super-regional wireless 
company dedicated to ensuring all facets of 
our organization are focused on customer 
satisfaction. And as a part of our technical 
team, you will play a pivotal role in ensuring 
our systems, services and operations work. 
All the time, every time. If you're looking to 
make a real-time impact on our high level of 
service, you're ready for U. S. Cellular. 


To find out how you can become a part of it 
with a career with U.S. Cellular, visit 
www.uscellular.com/employment today. 


First you are a part of it, 
then it becomes a part of you. 


74 US. Cellular 


We connect with you: 


www.uscellular.com 


We are a drug-free workplace and an equal opportunity 
employer dedicated to diversity and inclusion. M/F/DNV. 
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source code has already given 
his IT department early access 
to new Sun technologies, like 
the ZFS file system that will 
be included in Solaris 10 next 
year. Such early access lets his 
IT staff begin testing before 
the technology is released as 
part of the operating system. 
But Sun officials said the lat- 
est open-source effort is first 
aimed at winning developer 
support and encouraging them 
to adapt Sun technology in 
new ways, rather than attract- 
ing the attention of IT manag- 
ers. “These are folks that don’t 
necessarily have access to a lot 
of money, but they certainly 
have the ability to move the 





landscape,” said Sun President 
Jonathan Schwartz last week. 
Once developers come on 
board, Sun hopes they can 
convince IT managers of the 
value of Sun software, he said. 
As the OpenSolaris effort 
shows, however, the devel- 
opment community moves 


| slowly. To date, most of the 


OpenSolaris community de- 
velopment work has been on 
bug fixes and minor updates. 
Even so, Sun officials said 
there is significant open-source 
community development work 
in progress that may or may not 
bear fruit. The projects include 
porting Solaris to IBM’s Power- 
PC chip and porting DTrace, an 
application performance tool in 
Solaris 10, to FreeBSD, an x86- 
compatible operating system. 
Although some 9,000 non- 


Microsoft Beefs Up 
Security Partner Rules 


All must now 
be certified by 


BY JAIKUMAR VIJAYAN 
Microsoft Corp. last week said 
it’s now requiring that security 
partners be certified by one of 
two third-party organizations. 
The move marks the first time 
Microsoft has required that 
partners be certified outside 
of its own Microsoft Certified 
Systems Engineer program. 
Microsoft officials said the 
move is aimed at strengthen- 
ing the capabilities of resellers 
to deliver security services to 
corporate customers. 
Microsoft partners that 
specialize in security man- 
agement services must now 
get certified under programs 
offered by the Information 
Systems Audit and Control As- 
sociation (ISACA) in Rolling 
Meadows, III. Those specializ- 
ing in infrastructure services 
must be certified by the Inter- 
national Information Systems 





Security Certification Con- 
sortium Inc. — also known as 
(IiSC) — in Vienna, Va. 

Microsoft said it’s working 
to provide partners with dis- 
counts for some of the certifi- 
cation classes. 

Thomas Dawkins, group 
product manager in charge of 
Microsoft’s security partner 
strategy, said Microsoft turned 
to third-party certification 
programs for the first time to 


Gan aeali ala 
gett e-TEL 
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| posted on mailing lists, devel- 
opment boils down to the ef- 
| forts of the determined few. 


| Inc. in San Jose, is working on 
| donated equipment on his own | 


| BSD. O’Dell said that the proj- 


| complete but that a corporate 


| is getting his “spare time,” but 





| plete it in January. 








; Sun employees are involved 


in OpenSolaris.org, and thou- 
sands of messages are being 


For instance, Devon O’Dell, a 
systems engineer at iXsystems 


time to port DTrace to Free- 
ect will take a year or more to 


sponsor could help reduce de- 
velopment time to six months. 
Rich Teer, a Unix consultant 
in Kelowna, British Columbia, 
is working on an open-source 
Solaris project affecting its 
terminal session. The project 


Teer said he expects to com- 


better align the capabilities of 
its security services resellers 
with customer needs. 


Additional Skills 

The certification programs 
offered by ISACA and (ISC)? 
will give Microsoft partners 
security skills that go beyond 
Microsoft products — a key 
requirement for security tools, 
Dawkins said. 

For instance, technology- 
centric certification programs 
such as (ISC)’’s Certified In- 
formation Systems Security 
Professional and its Systems 
Security Certified Professionai | 
course are designed to ensure 
that Microsoft resellers can 
handle infrastructure security 
issues, he said. 

The new program can help 
users “feel more comfortable 
knowing that Microsoft is re- 
quiring its partners to have a 
wider perspective on security, 
[not] just a Microsoft vision,” 
said John Pironti, principal 
security consultant at Unisys 
Corp., a Microsoft partner in 
Blue Bell Pa. 

Pironti said Microsoft had to 
align with internationally rec- 
ognized programs to become a 





credible security vendor. ® 


Analysts aren’t predicting 
how Sun’s open-source strate- 
gy will fare but some believe it 
could make it easier for users 
to adopt Sun’s products. 

Software with high costs 
and closed source code are 
more difficult to distribute, 
said James Governor, an ana- 
lyst at RedMonk in Denver. 


| Products with low barriers 

| of entry, such as open-source, 
| “have fewer obstacles between 
| them and developers.” 


Tony Baer, principal at on- 


| Strategies in New York, added 


that Sun had little to lose in 


| making the move, given its 


limited success in selling mid- 
dleware technologies. ® 


Sun Executive Explains 
Move to Open-Source 


FOR YEARS, Sun Micro- 
systems Inc. has tried 

to improve its software 

business. Just last week, 

Sun began offering all of its 

core software products as 
open-source technologies, * 
a year after doing the same 

with Solaris. In an interview 

with Computerworld last 

week, John Loiacono, 
executive vice president of Sun's 
software group, talked about the 
company's software efforts. 


Is Sun’s recent open-source 
move aimed at helping inde- 
pendent software vendor and 
corporate development teams 
show IT managers the vaiue of 
adopting your technology? Yes, 
they are definitely a primary target, 
but even on the deployment side, 
you've got architects and systems 
administrators who are effectively 
a different kind of developer and 
are also looking for easy, unen- 
cumbered access to software. It 
isn't solely developers. 


What is the value of making the 
Java Enterprise System identity 
management suite open-source? 
The value of open-source to me 
has very little to do with making 
the bits available - it’s the com- 
munity aspect. That community 
can take that base technology and 
develop on top of it. Now we have 
a community of 10,000 people 
who are active [OpenSolaris] 
members, of which we've had hun- 
dreds of contributions, and we've 
already had probably 15 to 20 [new 


GA 


development features] 
integrated in, tested and 
certified, and now running 
as part of the OpenSolaris 
foundation. 


What type of features do 
you expect to be added 
to JES by the open- 
source community? 

If someone has some 
authentication features, that will 
plug into an existing foundation. If 
someone has better cryptography, 
the ability to augment single sign- 
on capability - these are things 
that can come from Sun and can 
come from outside. 


How wiil the new bundled So- 
includes JES, management and 
development tools, Solaris and 
Sun Ray, be offered to corporate 
users? You can package it up with 
an enterprise license agreement, 
and you can license the whole 
truckload. Most likely, people will 
evaluate on a broad scale and 
implement specific products. 


How will the bundled product be 
priced? | will have it shortly. The 
JES is $140 per employee per year, 
and that's without the SeeBeyond 
integration. It will be something 
north of $140 [per user] when we 
include the SeeBeyond [integra- 
tion technology]. SeeBeyond has 
about as much code as JES in its 
entirety. Then | will have te put 
some value on a subscription pric- 
ing for Solaris, Ni and the tools. 

- PATRICK THIBODEAU 
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HY, OH WHY is New Orleans launching a free 
citywide wireless network? At a time when the 
hurricane-ravaged city is still largely unlivable, 
with tap water still undrinkable in some areas, 
with the local power company saying electricity 
and natural gas won't flow in some neighborhoods until February, 
with many homes and businesses still waiting for phone and cable- 
TV service to work again — with all that still to handle, why did New 
Orleans last week start a city-owned, open-to-the-public Wi-Fi system 
that’s nominally aimed at attracting tourists, conventions and new 


businesses? 


Because it could. And because that’s what technology is for. 


There’s nothing special about the technical 
details of the project. Like other municipal wire- 
less systems, the one in New Orleans uses a 
mesh network of antennas mounted on existing 
utility poles. The signals piggyback on a fiber 
backbone designed to connect security video 
cameras installed before hurricane Katrina hit. 
The Wi-Fi service started last week in the cen- 


tral business district and will expand into tourist | 


haunts such as the French Quarter in the weeks 
to come. 

In short, if you squinted hard and ignored the 
mess surrounding it, the New Orleans citywide 
wireless system wouldn’t look much different 
from the one launched one day earlier in Tempe, 
Ariz. (except that Tempe’s is a paid-subscription 
service and New Orleans’s can’t run at full Wi-Fi 
speeds, thanks to a state law hobbling govern- 
ment-owned wireless systems). 

But not everyone is happy about the New Or- 
leans launch. After all, New Orleans isn’t Tempe. 
Tempe wasn’t emptied three months ago by a 
hurricane. With so much work yet to do on core 
services, more than a few people are 
asking why New Orleans is installing 
a frill like free Wi-Fi before there’s a 
functioning city underneath it. 

Short answer: Because it can. Lit- 
erally. New Orleans can’t restore 
water or gas or electricity or phone 
or cable service any faster than it al- 
ready is. Entergy and BellSouth and 
Cox Cable and the city’s water de- 
partment are patching things up as 
quickly as possible, but that requires 
repairing the existing physical infra- 
structure. Water and gas pipes have 
to be purged of flood water. Power, 
phone and cable wires have to be 





repaired or restrung and tested. That’s a slow, 
painstaking process. 

But sticking Wi-Fi antennas on light poles? 
That New Orleans can do — and fast, too. 

More than that, Wi-Fi is something New Or- 
leans can use right now. No, not for the tourists 
(who aren’t there anyway). But for police, fire and 
emergency personnel. And building inspectors. 
And contractors filing permits. And the same 
power, phone and cable workers who are busy re- 
storing the city’s more traditional infrastructure. 

This isn’t a gimmick to lure tourists, conven- 
tioneers and businesses back to the Big Easy, 
though that’s the way the politicians trumpeted 
it. One more time: There aren’t any tourists or 
conventioneers. There aren’t enough custom- 
ers to support new businesses. If tourists, con- 
ventioneers and new business were its purpose, 
throwing up a quick Wi-Fi system in New Or- 
leans is something that would make sense to do 
later, not sooner. 

No, that “rebuilding New Orleans with a wire- 
less future” jazz just makes a better sound bite 

than saying, “We installed Wi-Fi 
now because we can do it quickly 
and the improved communication 
will speed up the process of putting 
the city back together.” 

That’s what technology is for. 

It’s what technology is good 

at, when we use it well: solving 
problems faster, and in ways that 
wouldn’t be possible otherwise. It’s 
not a frill. Sometimes it’s the best 
solution we have. 

Why Wi-Fi in New Orleans? It’s a 
fair question. And in New Orleans, 
this time at least, technology is a 
pretty good answer.» 
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Getting the Message 
IT manager is reluctant to buy the help desk new 
phones that support Caller ID. “He explained he 
would have trouble justifying the expense to the 
finance manager, who continually berated the help 
desk as unresponsive,” reports pilot fish on the 
scene. “| countered by forwarding several voice-mail 
messages left for the help desk. He recognized the 
voice on one message as the finance manager. The 
message: ‘This @#5%! isn't working. Call me right 
away!’ The help desk got the new phones.” 
Feeling Blue at least try 
mccces =< SHARK eaetete 
TANK. 


computer, but it 
help desk: His didn't work.” 


spyware removal.” 
Forklift Syndrome 
Warehouse inventory 
manager calls sysadmin 
pilot fish, saying, “You 
need to come look at 
this machine down here. 
It's got a bad cable.” 
Fish walks down only 
to discover that the PC 
won't even boot up. And 
no wonder: The power, 
mouse, keyboard and 
network cables have all 
been completely sev- 
ered. What happened? 
Manager: “Well, a 
forklift hit the table and 
kept on going about 20 
feet. | figured we should 


WORK WITH SHARKY ON THIS. Send me your true 

story of IT life at sharky@computerworld.com. 
You'll snag a snazzy Shark shirt if | use it. And check out the 
daily feed, browse the Sharkives and sign up for Shark Tank 
home delivery at computerworld.com/sharky. 





rene 





ce 


or 





: : CONTRIBUTION TO EBITDA/REGION , ‘ , 

© a’ i URRENCY Veta tai: " e , 

«= i FACTORY VOLUME OUTPUT St 
‘ TAM €: 0.07 UNITS/HOUR/YEAR 5 Sy 


SAO PAOLO, BRAZ! 


| KYIV, UKRAINE 


CHANGING THE LANDSCAPE OF 
BUSINESS INTELLIGENCE? 


[ Integrating financial management and BI to create the first Business Performance Management system. | 


INTRODUCING HYPERION SYSTEM’ 9 
Now you can attain performance visibility and take immediate action to solve 
business problems with the new Hyperion System 9. Built as a single modular 


; . : - : , ; —— VISIBILITY. 
system, Hyperion System 9 increases productivity while reducing risk and TCO. | 9090 
¢ - = 7 1] oO oO PERFORMANCE. 


SUCCESS" 


It’s straightforward for IT to integrate with database and transaction systems. : 
Hyperion 


And it’s even simpler for end-users to learn and use. See the launch webcast: 
www.hyperion.com/launch 
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A recent study of companies listed on NASDAQ and NYSE found that companies that run SAP are 32% 
more profitable than those that don’t? Fact is, S. software solutions make businesses of all sizes more 


efficient, more agile and more responsive. We invite you to see for yourself. Visit www.sap.com/results 








